urlscan.io logo urlscan.io
SecurityTrails logo

tgfunnls.org Open in urlscan Pro
2606:4700:3033::ac43:bc5b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.fxtrading-info.com/index.php/campaigns/mt650t3r66559/track-url/ff341xw56af4d/1f4e08a7dce82470c4cd6d23b7bd63fd66ab1eac
Effective URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Submission: On August 05 via manual from MX
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 7 countries across 21 domains to perform 1139 HTTP transactions. The main IP is 2606:4700:3033::ac43:bc5b, located in United States and belongs to CLOUDFLARENET, US. The main domain is tgfunnls.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2021. Valid for: a year.
This is the only time tgfunnls.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34 18.195.174.160 16509 (AMAZON-02)
175 2606:4700:303... 13335 (CLOUDFLAR...)
385 2a0b:4d07:102::1 44239 (PROINITY ...)
16 18.195.123.247 16509 (AMAZON-02)
16 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
93 34.96.102.137 15169 (GOOGLE)
1 52.217.76.182 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
141 37.48.68.71 60781 (LEASEWEB-...)
16 139.45.195.8 9002 (RETN-AS)
10 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
16 13.224.96.91 16509 (AMAZON-02)
15 13.224.96.104 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
72 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 13.224.96.118 16509 (AMAZON-02)
1 108.128.72.146 16509 (AMAZON-02)
13 34.102.183.26 15169 (GOOGLE)
1139 23
1    2606:4700:3037::ac43:8a06 (United States)

ASN13335 (CLOUDFLARENET, US)
t.fxtrading-info.com
34    18.195.174.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
it.funin.digital
in.bd44.fun
175    2606:4700:3033::ac43:bc5b (United States)

ASN13335 (CLOUDFLARENET, US)
tgfunnls.org
385    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
static-13333.kxcdn.com
16    18.195.123.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
in.xr117.xyz
16    2606:4700:3033::6815:3d08 (United States)

ASN13335 (CLOUDFLARENET, US)
tagstaticx.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
93    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    52.217.76.182 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
16    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
141    37.48.68.71 (Den Helder, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
tagdatax.com
tagdataxrt.com
16    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
10    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
31    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
34    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    13.224.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-91.zrh50.r.cloudfront.net
static.hotjar.com
15    13.224.96.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-104.zrh50.r.cloudfront.net
script.hotjar.com
2    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
72    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
15    13.224.96.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-118.zrh50.r.cloudfront.net
vars.hotjar.com
1    108.128.72.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
planet2.digital
13    34.102.183.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.183.102.34.bc.googleusercontent.com
cdn.pushcrew.com
Domain Requested by
385 static-13333.kxcdn.com tgfunnls.org
static-13333.kxcdn.com
175 tgfunnls.org tgfunnls.org
tagstaticx.com
109 tagdataxrt.com tagstaticx.com
93 dev.visualwebsiteoptimizer.com tgfunnls.org
dev.visualwebsiteoptimizer.com
82 www.google.com tgfunnls.org
34 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
tgfunnls.org
33 in.bd44.fun tgfunnls.org
32 tagdatax.com tagstaticx.com
32 www.googletagmanager.com tgfunnls.org
www.googletagmanager.com
16 static.hotjar.com tgfunnls.org
16 my.rtmark.net tagstaticx.com
16 pagead2.googlesyndication.com tagstaticx.com
16 tagstaticx.com tgfunnls.org
16 in.xr117.xyz tgfunnls.org
15 vars.hotjar.com static.hotjar.com
15 script.hotjar.com static.hotjar.com
13 cdn.pushcrew.com dev.visualwebsiteoptimizer.com
2 www.google.de tgfunnls.org
2 stats.g.doubleclick.net www.google-analytics.com
1 planet2.digital tgfunnls.org
1 s3.amazonaws.com tgfunnls.org
1 it.funin.digital 1 redirects
1 t.fxtrading-info.com 1 redirects
1139 23

This site contains links to these domains. Also see Links.

Domain
in.bd44.fun
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.kxcdn.com
Thawte RSA CA 2018		 2019-07-04 -
2021-09-01		 2 years crt.sh
in.bd44.fun
R3		 2021-07-08 -
2021-10-06		 3 months crt.sh
in.xr117.xyz
R3		 2021-07-12 -
2021-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
tagdatax.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-09 -
2021-12-10		 a year crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
tagdataxrt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-09 -
2022-03-09		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
planet2.digital
R3		 2021-06-18 -
2021-09-16		 3 months crt.sh
*.pushcrew.com
Go Daddy Secure Certificate Authority - G2		 2021-07-23 -
2022-08-24		 a year crt.sh

This page contains 17 frames:

Primary Page: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Frame ID: 321DE02E06D0DA6F04E4A70E582E355B
Requests: 1092 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 069A978D8906332FBB9FDCB655C020B0
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 409115F25459746EBB0E6EB114644ABA
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 0AB86DF3A5CB2EF5711778A759ABA988
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 80875242FB9360FF984A79264D1E1C0B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 2F8522520F132373762190D107DA8E26
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 8B7597ACA7F968CDF26F2DB224213810
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 33F4781A95E3CE7D94B202C5F0BD70FB
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 38193ACBE1665220505C61E5CD9FBB75
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 6E797DECBD4DB79EEF819D5B27FDF07D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 915B34063AB2413ACFB6878545A443AC
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 82AB5077409893F0FB82900415F0139F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 7EB8BE27BEA7678942709CF53DAF41F0
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: FE19C90349C93BC7E5E271E107EAC624
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: C96667AEBB422916031E212048198494
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: F52D112EAABB49DCB86D30A7B9230A2D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 9AECCD930DED3EFED55D8435105DA6EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.fxtrading-info.com/index.php/campaigns/mt650t3r66559/track-url/ff341xw56af4d/1f4e08a7dce82470c4... HTTP 301
    http://it.funin.digital/01e2f792-c6ea-45a8-874b-4de020e57095?SID=FTMG&UID=MJ&EID=ES-ART-005&DPID=IG2... HTTP 302
    https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_D... Page URL
  2. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  3. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  4. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  5. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  6. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  7. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  8. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  9. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  10. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  11. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  12. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  13. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  14. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  15. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  16. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /dev\.visualwebsiteoptimizer\.com/i
Overall confidence: 100%
Detected patterns
  • html /<[^<]+class="[^"]*[^-](?:e-control|e-lib)/i

Page Statistics

1139
Requests

97 %
HTTPS

52 %
IPv6

21
Domains

23
Subdomains

23
IPs

7
Countries

20520 kB
Transfer

53031 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.fxtrading-info.com/index.php/campaigns/mt650t3r66559/track-url/ff341xw56af4d/1f4e08a7dce82470c4cd6d23b7bd63fd66ab1eac HTTP 301
    http://it.funin.digital/01e2f792-c6ea-45a8-874b-4de020e57095?SID=FTMG&UID=MJ&EID=ES-ART-005&DPID=IG22&Date=050821&USER=&CT=MM&EXS={EXS} HTTP 302
    https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220 Page URL
  2. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  3. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  4. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  5. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  6. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  7. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  8. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  9. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  10. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  11. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  12. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  13. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  14. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  15. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  16. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://t.fxtrading-info.com/index.php/campaigns/mt650t3r66559/track-url/ff341xw56af4d/1f4e08a7dce82470c4cd6d23b7bd63fd66ab1eac HTTP 301
  • http://it.funin.digital/01e2f792-c6ea-45a8-874b-4de020e57095?SID=FTMG&UID=MJ&EID=ES-ART-005&DPID=IG22&Date=050821&USER=&CT=MM&EXS={EXS} HTTP 302
  • https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220

1139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
tgfunnls.org/dly1st/
Redirect Chain
  • https://t.fxtrading-info.com/index.php/campaigns/mt650t3r66559/track-url/ff341xw56af4d/1f4e08a7dce82470c4cd6d23b7bd63fd66ab1eac
  • http://it.funin.digital/01e2f792-c6ea-45a8-874b-4de020e57095?SID=FTMG&UID=MJ&EID=ES-ART-005&DPID=IG22&Date=050821&USER=&CT=MM&EXS={EXS}
  • https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2251a7b03f5e24e40ddbcbd526c5d6aa082443a8f57ad52b9b970fc17d31e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:48 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D; expires=Thu, 05-Aug-2021 18:32:48 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLinwmK82rlzVDJl0pgH%2BImW7%2BwXet56kI38pq66LUktuwNzf%2BOO%2FoYKkN8cB4rJD%2B53Mxf9123CtJSrkqgGns%2BLcfRuRw03AiVXdi%2Bl%2Ba9f6AsgIv9q5DBtgNDsVGa7vfa%2Fdlr%2B4%2BEAg%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c6cd8b51f2d-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Server
nginx
Date
Thu, 05 Aug 2021 16:32:48 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Pragma
no-cache
Set-Cookie
01e2f792-c6ea-45a8-874b-4de020e57095-v4=01e2f792-c6ea-45a8-874b-4de020e57095; Max-Age=86400; Expires=Fri, 06-Aug-2021 16:32:48 GMT; Domain=it.funin.digital; Path=/; HttpOnly cc-v4=wdR%2BqQ%2BwDSt4zgpsGn672n%2FlmZcQOBpnsczW3Trwj94nfRXDnI8KBj8fx9mJn0ndpMuzv6UuINiXflRQU53mw%2BLf64eCXZ9mbiawkiJYEDzH94%2Bd1oqz138GsYeZGMxt0SUa%2FPXl27b97KK1D5MBGA%3D%3D; Max-Age=31536000; Expires=Fri, 05-Aug-2022 16:32:48 GMT; Domain=it.funin.digital; Path=/; HttpOnly
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1479
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWJp6IwUbuXzsWSWl%2FMxlDBBY3jQoUbJnYEpIBcJnveErzv8utMGc%2FoNpsjHaDLYivkMIC54QY%2B6b648oQxZav1GKr%2BF%2FiBYCFEnW597%2F%2Bg3GTIq2x7TvIFidd1nZ5sfAdDQgvA%2BXeBKkBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c6e9ab105dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1479
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VNtss57TphB9GEoZ7HddCPEFkRtjsuwQxJeUNqfy6X7LcciWEZgrXnwEjW2EPV6%2B%2ByqddSPcCoFo61FdfM8TJCzLZRTEE4XUI6ePBMpOgumyUTlEpWETDin9Ln0IaruVpa%2FjyGLZzjmgaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c6e9ab405dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:48 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1479
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FCFFLOKIolXOAX54xfVgwxqJmEb6XMOv21%2BIlOFpwUlHSJFYvHTeQc0GQTkZIUN7aPYYw36TpBWIJQmL2EHZvp4uKO3fGIyNNRLlIH70JCvyjAzIQUzVMbbPGdMyhAqXIR%2FaxESWzB9tMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c6f5c7405dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1479
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC1hpnKn0Coy1V5F82q%2BwAj1jfjt83EAGRvRXh7jgJTePIHQtiABn6gsC790aaSa1v3aK%2BoFKk7ZzdJW7Q%2FbbOb6bwVWxgDK8nZM%2FOJz5TBhitZfCZkcCcD060ln30NMUWsFLhJVV8qHLqE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c6f5c7f05dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSsrRuZUZekgE%2BFLARCUwKE2O9ptAuMqI36ZLLACanRqXgfemQDB9KblSrZ%2Botgn%2Feaj9BrQwxvsuQcvuXGd8oyiARcJsLtPvJfG61Elbcgt6TXvB%2FGAqCtFIMnRVzJ3OCvWHMp9P5jGfnM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c6ecb4505dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:48 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1479
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtWZuerDBp%2Fxp9D4hqbOCeAyPfztZsYumfkpudXKOcW9YvAkakHlTs%2FN5mqj%2BtR7Q5xLWNLjeYPuQPLVl90U6C3FYJJs7B1eT5hdaQLlEcIurNt8ey%2Fr2AHv%2F5RKQAwSTb0Vh6UHdrWqFYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c6eeb8c05dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2653
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix8laSTL5C0msrYEeb0kxXNyvfhGeEc1PkhzmMXyl0iw21ndPQNVO7JkzcNhRQyTUsMkmzZiTv4efD1apr4XWYYzcn84aqaMY0qa0aYEPLsSW5OSYjXN1U7ovf48LrGV8ROyq0jsavbcZJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c6f2c2705dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:48 GMT
hp
in.xr117.xyz/ 		382 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:48 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:48 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
178
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECAdlBud4cofYM%2FajwdK734N25EYRreA5GdQ47Zeb9s9KFNfT%2F9XxhotOY6gZqImHH30XGXC7tvOaDzKeh9RqeMs27XjhwaakitUVq4eQZOCAIeruFb3BKoN6vfhbSvmnwqIcZRbaZAW0GNdBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c6f9c624e0e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:48 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3Dwis8ggh2qdjqf0i9i7jrk4ec%26qze%3D3%26aff_sub%3DIG22%26aff_sub2%3DFTMG_ES_DAILY_ES-ART-005%26aff_sub3%3D050821%26aff_sub4%3D%26tpsiteid%3D24220&f=1&r=0.3631012160978577
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
a04c426bfe3c8fd89a6f464a986e5b6e40788b9b0071005c196ff53a0a26f129

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:48 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:48 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:48 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2193
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNqeB%2BkfQqUwpqRX%2Fu0Ic9i%2FRbW3%2B8TIxGU83h2smyt2BUQRFCmbu4Rsn7lNVVDe1%2FZuRYxitVgjh%2BLaQxmegxecVUNp1stRBtpff2laUtRNeoa2N%2B0%2F74mBcEs4Zqb%2F7BVKEbSXkFCw1Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c723adf05dc-FRA
trackpush.min.js
s3.amazonaws.com/cdn.aimtell.com/trackpush/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.76.182 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c281534289b927590c5c7461288f0a406854993adcce2d8f98acb4fad5710c81

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 21:08:18 GMT
Server
AmazonS3
x-amz-request-id
SGBJWMKP2JKN8776
ETag
"9d0da86deb2a490466778728a0471352"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13005
x-amz-id-2
/H6ukevkW6QrH7vbku35pXLEviCcqn5Arx/KHm3JengVw14GCh95zjT9GioRNxKDDrhriInNsyQ=
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
XSRF-TOKEN=eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ%3D%3D; c=eyJpdiI6IlBOVk1Gck1wZHNcL3NsTnRoVDZmK053PT0iLCJ2YWx1ZSI6InpERGFMaEV6ancyTVAybnBOdkNoNXJ2RjZqdkNrOTYydTNFQm9aSmhNOCs5S3lHU1BxSGVQRnZCR0xBQ2pndEwiLCJtYWMiOiJmYzI5YTNiZjFhNzgyNTk2MzA3MWEyM2JiZmJjNjllMWU4Njk4ZDE5ZGJiODA3ODFlMTI1YTExYWZlNTNhOTU5In0%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
X-XSRF-TOKEN
eyJpdiI6IlFQekZKdVpjYU9uUEN1bGNaVmRvMFE9PSIsInZhbHVlIjoic0NNNTcrUE9ZR01MT3JNXC9uWVwvTXpTM2pXbWthc2ZiTWUwV2NBRjl6T0lwZjVQSXNUN0ZRSkYwMmpcL25ZSmJSVyIsIm1hYyI6ImNmM2RmMWU1YjQ2ZGZhNzhkNzVkODgwMjc3YWJiNDVlMzA3NWIzNGQyZDc2ZGE0M2I5NmI1OThlMmYxZmM4MzgifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGqX6yCs8fy9ek5kgM%2Bv9SD34IEMAdW%2FAWIIJp9p45g5u8Eh5F8vhE%2BBI79CVVlmv0k0TKfDW6nSy76gD%2FjGYgJKqgLLW8YV9qBAbpP2DWrFkJuZtm%2BP7fBrEyP7dhODiq%2FU3ojHVv%2B2gMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im9tQlQzYXAyTlhGS1JRZk9pQkpyOUE9PSIsInZhbHVlIjoiWnV5NlB0UmY4cmpaSnZMZXFGQzJ0MnVBYUpBYnp4ZE5WZjlIUFYrdzhBN1JGdUVNUXJCVzVNUENXQlpLdGhqRiIsIm1hYyI6IjRiMjBjOTM5NDU5NDkyY2ViNmM0MjMyNDdlMzRlYWRhNTdhMGUzNjQxNDRlZWMxYjIyMGM4YTFmZTE4N2ExN2QifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:49 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjZPOWRvQnlWSTJZcHVcL09JQzVWK0dnPT0iLCJ2YWx1ZSI6IndnV0NxQ3FUSDY1Mm1rbThSWm1UblhlNmlBbGdiU3BLaW5BUU9SUGhTWkZzZ2FhSmVOZWJHZEx5NzgrUGRQSW8iLCJtYWMiOiI1MjVlYmE1Y2JiMWZlNmM4ZGYwZWNhYTJmMDhhNGJkNTIxZDljYjk0MWQ4MDM1YTA1MTQxYTAzYWExMzQ1MzYyIn0%3D; expires=Thu, 05-Aug-2021 18:32:49 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c727b8105dc-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:49 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
451d97c9884e0defc1a912c31a9f7c9d6d0bb824223e6c61418ef9c2777fa367

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:49 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2152bf5d624c7d7af03349c8e333b919ae8aa4beafc86e8cf6460b61d59ccc5c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:49 GMT
Server
nginx/1.19.10
Etag
bf089813-c6e9-4062-8df8-346303ff06cb
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:49 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:49 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:49 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:49 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:49 GMT
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:49 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:49 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3Dwis8ggh2qdjqf0i9i7jrk4ec%26qze%3D3%26aff_sub%3DIG22%26aff_sub2%3DFTMG_ES_DAILY_ES-ART-005%26aff_sub3%3D050821%26aff_sub4%3D%26tpsiteid%3D24220&f=1&r=0.3631012160978577
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.1850675942828104
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:48 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
6fd69bc1-19eb-4012-a356-4ffcccb585c4
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/6fd69bc1-19eb-4012-a356-4ffcccb585c4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51134
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:49 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3375
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
27
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
2QYhbpfIYDLzMhM8CcOEB-I2_zLtFrJi17lpyPPiHcyX5YT78PX1PQ==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
event
tgfunnls.org/ 		272 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid=wis8ggh2qdjqf0i9i7jrk4ec
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bd608ee2a9d4b953634b7a8d652231152773b6721b6af1a01fb167e9b2fc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6Im9tQlQzYXAyTlhGS1JRZk9pQkpyOUE9PSIsInZhbHVlIjoiWnV5NlB0UmY4cmpaSnZMZXFGQzJ0MnVBYUpBYnp4ZE5WZjlIUFYrdzhBN1JGdUVNUXJCVzVNUENXQlpLdGhqRiIsIm1hYyI6IjRiMjBjOTM5NDU5NDkyY2ViNmM0MjMyNDdlMzRlYWRhNTdhMGUzNjQxNDRlZWMxYjIyMGM4YTFmZTE4N2ExN2QifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; XSRF-TOKEN=eyJpdiI6Im9tQlQzYXAyTlhGS1JRZk9pQkpyOUE9PSIsInZhbHVlIjoiWnV5NlB0UmY4cmpaSnZMZXFGQzJ0MnVBYUpBYnp4ZE5WZjlIUFYrdzhBN1JGdUVNUXJCVzVNUENXQlpLdGhqRiIsIm1hYyI6IjRiMjBjOTM5NDU5NDkyY2ViNmM0MjMyNDdlMzRlYWRhNTdhMGUzNjQxNDRlZWMxYjIyMGM4YTFmZTE4N2ExN2QifQ%3D%3D; c=eyJpdiI6IjZPOWRvQnlWSTJZcHVcL09JQzVWK0dnPT0iLCJ2YWx1ZSI6IndnV0NxQ3FUSDY1Mm1rbThSWm1UblhlNmlBbGdiU3BLaW5BUU9SUGhTWkZzZ2FhSmVOZWJHZEx5NzgrUGRQSW8iLCJtYWMiOiI1MjVlYmE1Y2JiMWZlNmM4ZGYwZWNhYTJmMDhhNGJkNTIxZDljYjk0MWQ4MDM1YTA1MTQxYTAzYWExMzQ1MzYyIn0%3D
content-length
188
:path
/event?hitid=wis8ggh2qdjqf0i9i7jrk4ec
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
X-XSRF-TOKEN
eyJpdiI6Im9tQlQzYXAyTlhGS1JRZk9pQkpyOUE9PSIsInZhbHVlIjoiWnV5NlB0UmY4cmpaSnZMZXFGQzJ0MnVBYUpBYnp4ZE5WZjlIUFYrdzhBN1JGdUVNUXJCVzVNUENXQlpLdGhqRiIsIm1hYyI6IjRiMjBjOTM5NDU5NDkyY2ViNmM0MjMyNDdlMzRlYWRhNTdhMGUzNjQxNDRlZWMxYjIyMGM4YTFmZTE4N2ExN2QifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbjhFpvAC2930s%2ByUMDo4cSUyZXi2Du%2FOxAzzcXEhqZcPC94CFSOAH%2FIyrraI3JNCnQBEmwIvjzEN6oVOStqMYYPGWEvzsNBxm2BdEobYCcOq39sO8F6HEngP92z0ewGqXD7uVUdjUzMD2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkxUc0dhMnYzeWNEU2lBNElDa2I5aFE9PSIsInZhbHVlIjoiRk9Ndkg2OUMrU2srZjFsbll6N2cxNWg3TlV6R09DcGVhaGVRRHFPTzBaXC9rTnhaWk5xdnhSVkZVSnE4ZXFlYkEiLCJtYWMiOiI3ZWI2ZmRhMjA3MzQwMmIwOTgyNzZhYTliNTRhZmZiY2QxMzIyYjE1ZWIzMmJiZjNmOWFiZmJlNWQyYzUwMzNiIn0%3D; expires=Thu, 05-Aug-2021 18:32:49 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImpaRGZEdG9WTGZkOGRsXC9IZGxHVDFRPT0iLCJ2YWx1ZSI6ImJEdG4xdnJLTHJPVzYxTkZqemM2Q2JyZ052SXFaYjVaaU8yMFZIUmR4djZkOWs1OEF4NGl0ZEhnNUVuZUNaS2UiLCJtYWMiOiJiYzAyODdiY2QxYWQyMWRmYjUxZGQ4ODgxOTUzNjFkZDZlZTE2OWM2MjIyZDNjOTYzZTkyNDYwMjIwYTc5YzZmIn0%3D; expires=Thu, 05-Aug-2021 18:32:49 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c73de7405dc-FRA
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:49 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:49 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.7531352369531905&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3Dwis8ggh2qdjqf0i9i7jrk4ec%26qze%3D3%26aff_sub%3DIG22%26aff_sub2%3DFTMG_ES_DAILY_ES-ART-005%26aff_sub3%3D050821%26aff_sub4%3D%26tpsiteid%3D24220
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2010886467&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3Dwis8ggh2qdjqf0i9i7jrk4ec%26qze%3D3%26aff_sub%3DIG22%26aff_sub2%3DFTMG_ES_DAILY_ES-ART-005%26aff_sub3%3D050821%26aff_sub4%3D%26tpsiteid%3D24220&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2013016305&gjid=87213578&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&_r=1&gtm=2wg840MSK8GMG&z=549312382
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=2010886467&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3Dwis8ggh2qdjqf0i9i7jrk4ec%26qze%3D3%26aff_sub%3DIG22%26aff_sub2%3DFTMG_ES_DAILY_ES-ART-005%26aff_sub3%3D050821%26aff_sub4%3D%26tpsiteid%3D24220&dt=Daily%20Profit&sid=1628181169&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
0YczkMsgfLGL4O9J9e6dTi1atl2i7HUQgELcUaBxJimh4T96rp1ZiQ==
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.7783160810464318
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:48 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-192660002-1&cid=673974121.1628181169&jid=2013016305&gjid=87213578&_gid=2112476609.1628181169&_u=YEBAAEAAAAAAAC~&z=454832595
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 05 Aug 2021 16:32:49 GMT
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=673974121.1628181169&jid=2013016305&_u=YEBAAEAAAAAAAC~&z=508245249
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=673974121.1628181169&jid=2013016305&_u=YEBAAEAAAAAAAC~&z=508245249
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 069A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
5cO8VgFOm_FmtY5bqamiv2XVh6qgyx7bUr_NMftEfppGEM5X441KWA==
age
1613779
behaviour
planet2.digital/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://planet2.digital/v1/behaviour?type=CLICKER&userId=050821&service=
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:49 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:49 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9721492034d54f527ac54c65aa9c66d79a2e3f0edf753d7040a3f3d49788ff12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkxUc0dhMnYzeWNEU2lBNElDa2I5aFE9PSIsInZhbHVlIjoiRk9Ndkg2OUMrU2srZjFsbll6N2cxNWg3TlV6R09DcGVhaGVRRHFPTzBaXC9rTnhaWk5xdnhSVkZVSnE4ZXFlYkEiLCJtYWMiOiI3ZWI2ZmRhMjA3MzQwMmIwOTgyNzZhYTliNTRhZmZiY2QxMzIyYjE1ZWIzMmJiZjNmOWFiZmJlNWQyYzUwMzNiIn0%3D; c=eyJpdiI6ImpaRGZEdG9WTGZkOGRsXC9IZGxHVDFRPT0iLCJ2YWx1ZSI6ImJEdG4xdnJLTHJPVzYxTkZqemM2Q2JyZ052SXFaYjVaaU8yMFZIUmR4djZkOWs1OEF4NGl0ZEhnNUVuZUNaS2UiLCJtYWMiOiJiYzAyODdiY2QxYWQyMWRmYjUxZGQ4ODgxOTUzNjFkZDZlZTE2OWM2MjIyZDNjOTYzZTkyNDYwMjIwYTc5YzZmIn0%3D; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:49 GMT; Max-Age=7200; path=/ c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:49 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY2POG82JqkH2Zelo%2F32pSDjeyuWuX%2FSIeTF8OZ8YKGyrYg1SA%2Bt%2B1GO%2F1nNAAMU4Kw%2FRHn6P5VdBLXjQdazqkPJ0p9adD8obV9j8mY8mEe2MWJ4PB3Af8ZwOPKdMBdBw6EE95w6xpLx1pA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c765c0d05dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:49 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1480
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUOcu6fr52tGNd5QEHpH7AbcKWAeb6rS%2BDjVMQacovaFTkaeV3xZb8f%2F6WhviYiXVmeBerRjfpt%2F%2BCwnZS2B%2F7VnFfaPqKrsBh4EM39mjzriduEZpHCSWvUfy5lM9QF7gdSUVrgDu4KCtCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c77df6b05dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1480
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zuwefz5yf7hmRljq04LJ6ZS5eTlF0198JOqol8hGAor7EsxKSjfrUJ2tGW9wqrwNnv7prpTpNry7cYL7F0L0ScfnesWNkf9XK4sXHnNbohc1Obz60OgYW1%2FhpknYTKUztsHHJ6%2FJaNNWDoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c77df8605dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:49 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1480
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktvakQWwLTHxAx4XiVzZ06RSDZFa6CzMCtiEGguAGlLzVL3X8D4shH61HsdkCOgGmx%2B6a%2F5zaBnqvkQL0j2S39A3749NVN8ZLUhPUAUE6rp8nf1dAcgITlYzYiIbG7jHB3vYk093ftCyuzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c780fd705dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1480
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3Xf%2FO%2FqBbSiFLLkfQHwX9STKrvpaTaKjMGI3udzi1DFVU7h%2FM0jKetmxOcGLAM1sM4QI%2Fl6TjZ4%2FtAC1GM9kRES4ABqRHBCCOA3Y727QAVJ7Pq6EfwhHZm4nBh67RJfXgTN5B4ZAj9%2FM%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c78484f05dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=habotRAt78I2PYSx0OgklkJiVs9%2BDOtmCHE9sFv9DG%2FAQrmq%2BMMhUizO9F9yZ0wbv5IyaV%2FaFcIYX%2BJTkfByXT6BRzxk%2FpwILvgn7qP2lXJfexh3Do53RZYDCwfK23VV4V10k%2BqNcBpyTUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c77ffbb05dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:49 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1480
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pv93YhFy8SCFlY9alNDveY29px1PNWf2otKyTu0BE4ItxbIgX7IJ%2BJropQ8C4sfhVtCjCLG%2Fmajb99x1eblVUHDAmr6NbeDT44myerZIcG7n%2BQrjVjgdfq%2B0LujGTQ3lDjY2q83U8eGOs3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c780fcf05dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2654
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ueive7TNnZRAY7moK%2FpnP%2BRjSK77uLs0rkweh6bIgxI7icJ9Hrutm63MZBYaLnKook2AWdOXLeyL5%2BFUygL0Qhnus1IIkwCr1fuu0mYwbHS27CJ3%2B%2B0UQ6YuE3lDIqo%2Fb1J95gvi9nyhGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c780fd505dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:49 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:49 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:50 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
179
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2fDi5zREKIhZgO65l3glxyzco0VTzsLa0mQhyCUTY7hpM0x%2FYnogctpdCmoDvLe3uktbVWZJ5%2BWaqlgw%2F8c1o5C%2FeMrlkvy%2BRNgvHU8JwFfGEM67idXHkmYvtGkC2hvjycm4TYYx0qbqHx8yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c786eb24e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0b38bfd020af6d1619b15a9a7642bcb8568072cf19b302e994838622e4f8a14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41862
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:49 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5639934674516269
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
0d73a8d6e1b50216873fd17d01943c1500fef1de2f8d6c32eacd3828de06ebb0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:49 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:49 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:49 GMT
locate
tgfunnls.org/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=918uimMdySkOKi%2FTSEahWrYeUHbYZuumMJJzy6tkONeJ8iTVgL9a3hs19bzls5pPpzTaubr%2BieRtWkTkh6hlcpQ6HYJ7NkE3EJD9qbGomyJ4iGLMzIes1WBMpiclou83jZzDwfjbFi79Sf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImhnK3NsXC9MTWYwMitYNG9aYmdOZEVBPT0iLCJ2YWx1ZSI6ImUzN0pVbm5CNGNuODBCTTNzcFZDcDdZMWliY3J0MGdWblhVblRBdytqNjZQMEM0dXNYSzhIZ1ZhWW5GaEhuVEYiLCJtYWMiOiI4YzQzYWViMjc2NDc1NGYwNWE0ODNkMTFkZTEzOGVlNWE5NmRmNmI0ODRhM2EwNDhkNDU3N2U3MTQ0N2VlYjMzIn0%3D; expires=Thu, 05-Aug-2021 18:32:50 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlR1clhTS3JPZXVkaWpIVEMrOXBHcXc9PSIsInZhbHVlIjoicVZ2N2tTUUdMV1k3eDlleWlESE5LdmxLSEVTOEJPOThRN3VUeWl4N1lmMnhTZHdqbTBFNk95U1FNVVpGV0RobCIsIm1hYyI6IjIzZTQzNzI0NmI0NzQ3Njc2NDdiYmRhNjBhMDBlZGU1YTFmMGFlNmY3NmE1ZGNjNjdhOWQyNTAwYTMxZDM5NzEifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:50 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c7909c705dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjJYbVR4VWg2cUs3V2JxM1NTdEZpeEE9PSIsInZhbHVlIjoiTFNkdWphUWFxNWtlNlU0M2lFQ2Z0SUFKUUp4M25sQ1Y1OUNsQkJ4OWROWVBYUFdxVUdSalZIMlAyeE1HWnVMWSIsIm1hYyI6IjkxN2FiMzg5ZDgzMjQxNzE2ZDRlMDU4ZTE2NDkyZWEzNmI2MDhkYmM3ZDMzY2VmNGUwMzg0NTMyMWFkMDc3NDYifQ%3D%3D; c=eyJpdiI6Im03TVJIR2FuU002bktsd0gwazZiRXc9PSIsInZhbHVlIjoiSWY2a2dGRnVhbHNQNGF4Ym9sY0NsVFhFTHE0NkdPOURmQWVNMmlJdlJFSHIyRmt4MGhyM1hFZjNESHFiaWMyMSIsIm1hYyI6ImM0NGJkMzM0MzllYTg1NjU0Y2RiMmFiZDUxZTRmMzllNGEzNzI3NTQ3MWFlYWUyNGVhNTA4YmU3YzQ4NDE0NDgifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2194
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nIJEcbXWbGOWgHi0f2H8NA4psUJaI714HCp1yED28ddSmZW9Sgc111hLlfulTsKNdlH%2FK2nrHV9nf5wl3W8KPp9MPvF9t1IZi6mF7LBuP3KK28GDXd0Peg1hRMRFbbsLQkIcMWSkytNFD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c7909ca05dc-FRA
a64cb609-f511-4b2a-8693-f4c29c35b2ca
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/a64cb609-f511-4b2a-8693-f4c29c35b2ca
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5639934674516269
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.6031899288956493
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:50 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:50 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
4b783818e7b30ce12f58bb89704956f488f4896443993a887837f7f366bdc7dd

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:50 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6ba53dd2547c684e0b8a2d4f07acc1e9c9f1851aa396a05d3cda3d92110ce95e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:50 GMT
Server
nginx/1.19.10
Etag
fb68312b-7718-427d-968c-26570873fe28
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:50 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:50 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:50 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:50 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:50 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3955d42c321fbe81060b58a781977863d35a896c23098c8885c846ca6509dc8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:50 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3376
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
28
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
L0RYZWntAl_WiiNw8_lAix1uTjJoX_3sUcORQxaEUD9v-YdrhZDJTg==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:50 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:50 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6ImhnK3NsXC9MTWYwMitYNG9aYmdOZEVBPT0iLCJ2YWx1ZSI6ImUzN0pVbm5CNGNuODBCTTNzcFZDcDdZMWliY3J0MGdWblhVblRBdytqNjZQMEM0dXNYSzhIZ1ZhWW5GaEhuVEYiLCJtYWMiOiI4YzQzYWViMjc2NDc1NGYwNWE0ODNkMTFkZTEzOGVlNWE5NmRmNmI0ODRhM2EwNDhkNDU3N2U3MTQ0N2VlYjMzIn0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.0.1628181169.0; _ga=GA1.1.673974121.1628181169; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6ImhnK3NsXC9MTWYwMitYNG9aYmdOZEVBPT0iLCJ2YWx1ZSI6ImUzN0pVbm5CNGNuODBCTTNzcFZDcDdZMWliY3J0MGdWblhVblRBdytqNjZQMEM0dXNYSzhIZ1ZhWW5GaEhuVEYiLCJtYWMiOiI4YzQzYWViMjc2NDc1NGYwNWE0ODNkMTFkZTEzOGVlNWE5NmRmNmI0ODRhM2EwNDhkNDU3N2U3MTQ0N2VlYjMzIn0%3D; c=eyJpdiI6IlR1clhTS3JPZXVkaWpIVEMrOXBHcXc9PSIsInZhbHVlIjoicVZ2N2tTUUdMV1k3eDlleWlESE5LdmxLSEVTOEJPOThRN3VUeWl4N1lmMnhTZHdqbTBFNk95U1FNVVpGV0RobCIsIm1hYyI6IjIzZTQzNzI0NmI0NzQ3Njc2NDdiYmRhNjBhMDBlZGU1YTFmMGFlNmY3NmE1ZGNjNjdhOWQyNTAwYTMxZDM5NzEifQ%3D%3D
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6ImhnK3NsXC9MTWYwMitYNG9aYmdOZEVBPT0iLCJ2YWx1ZSI6ImUzN0pVbm5CNGNuODBCTTNzcFZDcDdZMWliY3J0MGdWblhVblRBdytqNjZQMEM0dXNYSzhIZ1ZhWW5GaEhuVEYiLCJtYWMiOiI4YzQzYWViMjc2NDc1NGYwNWE0ODNkMTFkZTEzOGVlNWE5NmRmNmI0ODRhM2EwNDhkNDU3N2U3MTQ0N2VlYjMzIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbEEMrnA0020Va8LuFCqWNI08twCRmdpW7IAh3IcpKnDkEE%2FaVOscMYCi5KBVDf8tyno9N0qYW6%2BGSjmWK%2BzytASjJ5QciQ0hFkyQ3jd7GE4f3K3D2BoOgg4oopOnjLd3uOGAFGXhxJhXog%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlpXeGoyemYyVmRrZlJ1RXVZbFJxSkE9PSIsInZhbHVlIjoiZ05hNmo4cVVGQTJmcWpneTJxV3Znc1MzMGpjNkw4SVNTejdxeDZNYUt0b3YxMXhYOGV6T2hJYkJMZE80WUNvMSIsIm1hYyI6IjY2YTFlM2MxMmZhMmQxOTQwOGNmMTQ5MGIyNjc2MmQ4ODU5N2EyZjllMWU4ZGRlMDliZDA5MDk4NDIzNjY5ZDMifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:50 GMT; Max-Age=7200; path=/ c=eyJpdiI6Im5VZkx3bDk2ZjROUXRGSWRqQVZKMFE9PSIsInZhbHVlIjoicFZkM0N0a2h2d1dWRWhyNUIzUzlLVFwvd3VlZ1F5K2prd3czRm5LWWZKRmp2SEFPMGlqRWxzcnFHeUNUUHFMRlciLCJtYWMiOiJlZjQwNzMwYTQwZmQxMDNkN2ExNzdhZDkxYTc4NzRhMDQ0MGJhMjk1NmNkNGQ3ZjUzNWZmMDYwM2NhYjRhZDMyIn0%3D; expires=Thu, 05-Aug-2021 18:32:50 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c7a0bf005dc-FRA
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:50 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:50 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.5260024449651797&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=181327631&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=1067573788
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66270
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.047277882316109965
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8085
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
QSMZOOiDPb83P4JXIdPnWk0Zz_F39qcAocIP96X3GeeL0_yownKMtg==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:49 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 4091 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
vsj6xM2WRWhvm7-JvNfWlcveT_mCmbHr6qOTs6eA0iB6dicSo6isTA==
age
1613780
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:50 GMT
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:50 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:50 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:50 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3fdda93c71d19438b22fb57873bd3dd2662a0f2b3993f9270388d11ef425ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlpXeGoyemYyVmRrZlJ1RXVZbFJxSkE9PSIsInZhbHVlIjoiZ05hNmo4cVVGQTJmcWpneTJxV3Znc1MzMGpjNkw4SVNTejdxeDZNYUt0b3YxMXhYOGV6T2hJYkJMZE80WUNvMSIsIm1hYyI6IjY2YTFlM2MxMmZhMmQxOTQwOGNmMTQ5MGIyNjc2MmQ4ODU5N2EyZjllMWU4ZGRlMDliZDA5MDk4NDIzNjY5ZDMifQ%3D%3D; c=eyJpdiI6Im5VZkx3bDk2ZjROUXRGSWRqQVZKMFE9PSIsInZhbHVlIjoicFZkM0N0a2h2d1dWRWhyNUIzUzlLVFwvd3VlZ1F5K2prd3czRm5LWWZKRmp2SEFPMGlqRWxzcnFHeUNUUHFMRlciLCJtYWMiOiJlZjQwNzMwYTQwZmQxMDNkN2ExNzdhZDkxYTc4NzRhMDQ0MGJhMjk1NmNkNGQ3ZjUzNWZmMDYwM2NhYjRhZDMyIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:50 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9; expires=Thu, 05-Aug-2021 18:32:50 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B%2Bxp3XlQ1XdS1y1JO72AkCULgdSY59xRjXSjLtX8blzBMb%2FVE1hd%2B676YB%2BBFSKc6FJD%2Bg2FZXYej2VvZWwzM8GhtD2hiHea6fzmpaGVsTcddQ7sDG53WZ1y54HSV1oGiVif2dmEYpucNk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c7d5ba705dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1481
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6JWP%2F9nHKZPqnzCCDSSVj0HDXQyzqq1RmCYa%2FArw0dErDPG3HsG4GGBa752MthDJyfm2d6lqFXtl1otQYKK9iXsc0%2BaGfn00rDBCTlivJZBMiGzhW0JKv%2FCsVjDxDkGM1D8U9jR7egqFmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c7ebee205dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1481
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obgSbYyF6DFCbScC5ipUx0PSwFGexYYepUCn7MoQx6u%2BtB2%2FCxIsqUmwDPDMG8b3%2BPtchRJNdjiS6CFUE%2BqQ4kY9qyT9mudagyTHuhWJmjkZk8cLPv1aKE4GsuWggcePv5Y%2F5D5H45doIa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c7ebee705dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:50 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:50 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjz0sm6o5%2FzqZ6pH%2BvVYjx6k19hLxJUHnGyoP2HyxP51W7ieYbJNgd9pesQgH4QWpvevq%2BD1wR3ceSHtvK8VAJVcvW5Cz%2FYbY7ElmLjOWiVQTn9MRR%2FGn1A5xuskDg0hubmrjHq3gS66N7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c7eff7605dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtVCesUdzZNttmibA9vtc41ZF2Skey5pXhyB0p7AjynmxMwWTSrLpLy8PfgIOYZMAvlNcp%2FneDSxiUcKZufufqttHUgzgxMzM29007vvMGbRGiWLHNtRGAL3fmhMEigCKtEi8HaatqgWpCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c7f0fac05dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chAyjjt5u8FpTp0bRQyymxjGAoPKcTRGypzScRBH1o2d4oZoB0kTCtRjw8WOtLdZJbbt9cM17Vvl1oSAvkQMAAUooZlAFgWGxpfstahnSfR5%2BlxRy0mfn2yNWN%2BF2%2FG8kD2SKIhIpKdcJZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c7edf4f05dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:51 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWuwzE6%2FfRaAWZVdA7gL3kf5uU%2B5kyvn2HtXt%2FWJVmgU140DKD%2B01byzWqks0YC6HN362zL3tVE1Kuc5EVR%2FDAPOGe1pimiMHiglTI%2BfGQG%2BGUuyWbHbq%2Fn5jinteAXQGQB6RF7SKU8%2F%2FaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c7eef6205dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2656
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOt0f1vWtD3l3kMirRY2uj4wh3ICnrrap5DWidCjzfbwILSG40GIggLsKSsCM0hTRZuRGlDMUfrX1kcujUm3MUtUvqy1woAOIxcU%2BNK1PZPeU%2FlIyXD0bwTewbNU1C%2Bt%2FjBsabwb1l86f%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c7eef6705dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:51 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:51 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:51 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
181
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpAl53FrVo3vzRfuwKLDai0RgekLLb%2FlFDWzRdfGphs9uXK1ulHSztyNUXmlRF6%2Fyb2HOoZL2KKhrmMpLN3WbqNFH1%2BAJw99UExeRsBB14tSr32puP2DbHSD4mXly8eZ5jIC8ZIP4bYe1EU7OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c7f0d974e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:51 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.588962276850634
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
c4aa6629837d7279b1b5693bc1e6f5f10f690598250f80644eb0eb27c417fb69

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:51 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:51 GMT
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEMLRPNdyekzERl4uiW4w9VKSb840Z3dWw%2B6UYzWme5KfqWVQ1MyXdqLQ69qpjCqC1HcvjPEZmzYVlIgQqcsxr1Bjo23Tc95no%2FKWo%2FgdH%2Fd8UA2%2F0rZblwOcV8Ak2xuvbO6uhdw0dJvmr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InBod2J1ME9weHRGUkpxd0RGd2JWdWc9PSIsInZhbHVlIjoiNis2b3JRQWkwZGtNN3RpV25FeFwvZ2Mxa2dLVXRIUWI5MVppbmY0aGt0RW85bzlZdTYra0h5RXpkV0tjS3ZIZGsiLCJtYWMiOiI0MzdhYTIwMWEyYWEwNWMxOTliMDQ2MTI3NTAxNmY5ZTcxZjBmYzBhYWZjYjEwNTMzZWFkYjIxZDI0M2UxYzM5In0%3D; expires=Thu, 05-Aug-2021 18:32:51 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ik80ODRZeHRZbkpQQWJ2Nm9ERXZtVEE9PSIsInZhbHVlIjoibFNGbEswNmNIbkhtWjVBcTJ3a1FFazlEcVNvdjJIbmpVdDBGa0hZUms3RnlZMFdvR2RiUE5RUU92MWlSazZNWCIsIm1hYyI6IjQ2YjU1ZmUxY2NiZjMxMWUxYTZlNDY4OGRjMGNhYzExYTRiNjNiNjg3MjhlNDY5YWViYTU5Mjk2NThiZDM0NTgifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:51 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c7fa91605dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhzNzd6cWJTMGhZRW5ma1wvYTl2Q2FnPT0iLCJ2YWx1ZSI6IllpMG80bGlDR3ZOMjNFeCtVZ3ZZMjR4NFUxbEtnZno4dkJWXC9BSWhIXC9Mb3d3ZVlyc0VyeHI0ZTlCT2NTbGtqayIsIm1hYyI6IjdmOTI2ZjkyOGY1MDYyOTcwMDUyZTI2YTMxOTc5NDFiYmMzMmQyMmM3NGI4MDdjYzMzNmI1Y2JjNjQ2YzE3MWYifQ%3D%3D; c=eyJpdiI6IjBPVG1qWFB2bUwrNkd4T0FlTDV1MFE9PSIsInZhbHVlIjoiQ2xpaSthSHVZeUMxdU5WTFFRQ1NcL05HbjhTZVpPTlhnZ3F3a2VVdG05aHdoXC9nbXVPd0s4bTROa1J6RlE4Y2tzIiwibWFjIjoiZDQ3YzMwOGFjMjdiYmRjNmY5M2EyMTNhOThlNjQ5NjU2NDI1YjViN2YyMjMwNTdjYjc3MDEwZWZkMjIzNWY0YyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXhbCNC7TKQuQ6Ts6DDYo5ynL8yxVUhH01Xbf5uGMGrZicjV50jLRfGrVN0WYUPIqA7GCmHn899Iy8GqjUBw%2B2RvCD5bTOvmjKmUl5Ojuqqlbey5UJMO5RqWSuReuPTowiOvKRIpukqFZPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c7fa91905dc-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:51 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
c197a3c6150a5d97b2bbf573ea64f701a7dc8b070c41f9abe8c2715aa155f51c

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:51 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
67f840b94aa65d47e8c6b297c0748094d6bed1d8a6f0b6e6cfb7deb43b9052bf
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:51 GMT
Server
nginx/1.19.10
Etag
1f40af62-78e8-46ec-899a-aa9ef5583763
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:51 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:51 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:51 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:51 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:51 GMT
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:51 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:51 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
95300197-a25b-40ed-b773-8b962129d94a
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/95300197-a25b-40ed-b773-8b962129d94a
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.588962276850634
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.28823421387883763
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:50 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3955d42c321fbe81060b58a781977863d35a896c23098c8885c846ca6509dc8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:51 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3377
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
29
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
kcNohBPR0ovstGs6zY2tESZuhoQDCwgEveUUVDl-wFVlhsARDCLtzQ==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:51 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:51 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6InBod2J1ME9weHRGUkpxd0RGd2JWdWc9PSIsInZhbHVlIjoiNis2b3JRQWkwZGtNN3RpV25FeFwvZ2Mxa2dLVXRIUWI5MVppbmY0aGt0RW85bzlZdTYra0h5RXpkV0tjS3ZIZGsiLCJtYWMiOiI0MzdhYTIwMWEyYWEwNWMxOTliMDQ2MTI3NTAxNmY5ZTcxZjBmYzBhYWZjYjEwNTMzZWFkYjIxZDI0M2UxYzM5In0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181170.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InBod2J1ME9weHRGUkpxd0RGd2JWdWc9PSIsInZhbHVlIjoiNis2b3JRQWkwZGtNN3RpV25FeFwvZ2Mxa2dLVXRIUWI5MVppbmY0aGt0RW85bzlZdTYra0h5RXpkV0tjS3ZIZGsiLCJtYWMiOiI0MzdhYTIwMWEyYWEwNWMxOTliMDQ2MTI3NTAxNmY5ZTcxZjBmYzBhYWZjYjEwNTMzZWFkYjIxZDI0M2UxYzM5In0%3D; c=eyJpdiI6Ik80ODRZeHRZbkpQQWJ2Nm9ERXZtVEE9PSIsInZhbHVlIjoibFNGbEswNmNIbkhtWjVBcTJ3a1FFazlEcVNvdjJIbmpVdDBGa0hZUms3RnlZMFdvR2RiUE5RUU92MWlSazZNWCIsIm1hYyI6IjQ2YjU1ZmUxY2NiZjMxMWUxYTZlNDY4OGRjMGNhYzExYTRiNjNiNjg3MjhlNDY5YWViYTU5Mjk2NThiZDM0NTgifQ%3D%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6InBod2J1ME9weHRGUkpxd0RGd2JWdWc9PSIsInZhbHVlIjoiNis2b3JRQWkwZGtNN3RpV25FeFwvZ2Mxa2dLVXRIUWI5MVppbmY0aGt0RW85bzlZdTYra0h5RXpkV0tjS3ZIZGsiLCJtYWMiOiI0MzdhYTIwMWEyYWEwNWMxOTliMDQ2MTI3NTAxNmY5ZTcxZjBmYzBhYWZjYjEwNTMzZWFkYjIxZDI0M2UxYzM5In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptl769EZzCWcmic37fxkJq35rpa80%2ByC2LkS5bDVQnc3X6WMfmjvAVr6fjurLlQPdDT8msoeuDgnkKkt%2BMJ2YXQQwX0cKhLIqnBZjIXq2vCoZpgxgs%2FqBS5l7sKAZ8M8RZa6Vixq0qzWDew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImJYamMyMnpYdGN1TWtTa0tBWXJNRnc9PSIsInZhbHVlIjoibWMwaHVWZThIVFwvXC9ZTHJ3OFh1MHJxM0xSQ2hBRG9zR1R3TE5ENXJ5Q1YzU01nNDNVV0tRSmo5enlFd3ZpVlZSIiwibWFjIjoiMzYwNGI3YzRhOWM3YTBjYjQ3ZmM0YjllMjY5YTQ0NjBmZWEyNGM1MDBhNzE3MGZkZWQzMDIxNDMzYWY0ODQzYyJ9; expires=Thu, 05-Aug-2021 18:32:51 GMT; Max-Age=7200; path=/ c=eyJpdiI6Im5wdTBHZjJvRjNOQzA4ejVxRFR5QWc9PSIsInZhbHVlIjoiV0RseWVncmtCaDZHVXFMZDUrc2tqaWx6VVwvMEZPODBhNHBQcVFvdmRnMGp2djgzZWxoYlJNcXVzREV1YndJQnUiLCJtYWMiOiI5M2U3ZjVmMWM2ZTA1MWIzY2VkYjRmNTBhM2QxNWRiNjBiMDJjZjBjNWM0NjI2YjA3NjZkZWY4OWZlODAwNWIyIn0%3D; expires=Thu, 05-Aug-2021 18:32:51 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c807add05dc-FRA
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1311088915&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=2146053196
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66271
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8086
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
OfcBPtegbsiHDGj3RX6NnN7juQknSh6alEv1mthD_cYDuPP0ExZuVQ==
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.2722121866481675&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.6731101946751668
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 0AB8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
lnbueLFadxdTUNoWGvQjxytMaP3sxXV7cMlEKkHytxTv9GXcNJ5-xQ==
age
1613781
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:51 GMT
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:51 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:51 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:51 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d2b3e16237e33c3f6d393bf1e5764d75f1c6a58d4132c44d907f30a14fe275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImJYamMyMnpYdGN1TWtTa0tBWXJNRnc9PSIsInZhbHVlIjoibWMwaHVWZThIVFwvXC9ZTHJ3OFh1MHJxM0xSQ2hBRG9zR1R3TE5ENXJ5Q1YzU01nNDNVV0tRSmo5enlFd3ZpVlZSIiwibWFjIjoiMzYwNGI3YzRhOWM3YTBjYjQ3ZmM0YjllMjY5YTQ0NjBmZWEyNGM1MDBhNzE3MGZkZWQzMDIxNDMzYWY0ODQzYyJ9; c=eyJpdiI6Im5wdTBHZjJvRjNOQzA4ejVxRFR5QWc9PSIsInZhbHVlIjoiV0RseWVncmtCaDZHVXFMZDUrc2tqaWx6VVwvMEZPODBhNHBQcVFvdmRnMGp2djgzZWxoYlJNcXVzREV1YndJQnUiLCJtYWMiOiI5M2U3ZjVmMWM2ZTA1MWIzY2VkYjRmNTBhM2QxNWRiNjBiMDJjZjBjNWM0NjI2YjA3NjZkZWY4OWZlODAwNWIyIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; expires=Thu, 05-Aug-2021 18:32:51 GMT; Max-Age=7200; path=/ c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:51 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kTHbgeX%2FwbJl0zdVe1Gltf6s8CJW%2F%2Fp1VcMSMRjgkd5ZG6lWcUDH8f%2Boq%2BD3Ug2LWz76mSfHFeEuoP6tYTasm%2Fp84B5OeOkuD8oI43SVUy64DhV5CuJMYeFTHHaZfIxEtGyD4UsQgmvH6g%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c83495005dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV7%2BAFWdJBJiIpjC6eYBfPeOf7U%2FkJP8%2BwJLm5vvIrUoj0tXCYhwjZhbU7i8T3iGVSdIg6Zb%2F4N%2BKMIKAYe2zJnJUFu7gslHUQWWmwFlkxU%2BsVNf809YoTweYHlPXz8gsoF4%2B3BAMwoEXAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c848c1605dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGqH6Hajm8StWaXuMDPDG%2BtOZJDI0bG0i2jYsUNkIyg379fhncS2GllMHbewKdmnDXwu6enQe10IGWLs2d5AlCcU8cm12XiOZ4xjcPMDHjdSIzwHHlfoze%2FkDPbf464kH5QdmDp2pOZsgEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c848c1705dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:51 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cTJo53sxB%2F7p%2FJU0MygL3mCzsFOMqvGZZgges35FfPYmGrUG039p%2BfBS2q2ODCobG2Acu2Y5UL3rv%2FbLOi6JH8IV83Mu%2BOGef2LxM94IYwRNESRTbjIg9s2VkvR%2Fl%2FtDzaX%2F%2B25t0xqVe0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c84bc8c05dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2B8j2JkWpYX0hfigjl%2FIPa0RPNaRRsTCn94zWwkGx1fYRlMqXxQCsitcireLz%2BwBHg5FaqpnYeripQwwRuZ3mfNvei44GO%2BGL3b4m1kdqS%2B0Ko1PlaOBWj7yg9XKVGp%2B5Z8ZydZD498DDGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c84bc9205dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=151zvAFflJEUxuN0xzwWGHMy6F6xkgXFXxpkjvWk4AhcSoxFt4jyba%2Fcu%2BBj9U%2B6lHabtWDjkMwHlc%2FWOq6y8yCJ5lZSYm%2BQo7gbsajfEc9vauq5W3cf4wa1NVozarHA3TPDbcxTnQJiQuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c849c5505dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:51 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrcgZwspJ%2FSm0tgcNey8zEVMNGBliyfqBPbF0Ik3A4o6pQEZ%2BIlayyWr8SiQL2kxjdnMhkKgdGP87W7wEAXNIrcg6bBoD2ynUfPwD2Mew7lu7i8Www6OmDKQN1k6QVKwN35C6b7O2qkGHSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c84ac7405dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2656
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii3GKBysqaqzDmcjeqsDTHwH5jt6Rthh7oup2RgvMBvcdcp638YGRTCskfc9FJd3XuSTtTXW6jA%2F20egGOXGfRhZcjbRQgmHpg0GmbWvbFTwN0qk6X1fvDWRdwFAOhmuez4MCxsw%2FF6pu2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c84bc8605dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:51 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:51 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:52 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
181
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNO3e2R5f0cn9r31GGBFeEBuuCdeW8im5kgZNrtVdjAV8yLN9HMd8Wv%2BBjy6tJt2CiAyYMYhYX5rXug7cQEHAkl6ufD1tVcNvfxS6uSZfz5zEjExD3jdjd0F95B7QJw1m6a%2FhK%2F6UpHMrrSjUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c84b9cd4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:51 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.859885633390733
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
9276f9f18f7a3375aabb111e433fdbbe6e9b82ff92ec03e38f4fbad6d039abf2

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:51 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:51 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:51 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51134
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3378
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
30
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
L-x6Yy8B7Td8A0oClOt9cjidlJGtcBITiHy8srYJDPn02BSXnBiiHw==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFQqBOmKwk3tHzobjaNGdpq1OU72ajU%2BghlzAA4CHl4vO3%2FgfZM4s6zgeDk0v%2F4Ba25GLbwRJKWiNr9LRPJc0of%2FLi%2BKdB1PmZhU5Ws5naf0em%2FFz9tORbbTcRbXIYc6GkN3GBGvQzgay8A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InRMOHgwTlc5RnU0eHJcL3VhZnl5aGZnPT0iLCJ2YWx1ZSI6IkUzb2Zrclh2U0JxVDNQUFdjRzlpTFNLT2FoTjFFZW5Kczh0UXpDYjZBR0FKQmdXWjVKTklVQ3RCcTg0dWtpMHkiLCJtYWMiOiI1ZDczYjgxYTAzZDk1MTYzMTg0ODQ4NTg3Zjg4ZjJlOWNlZDZmYTEzNzc5ZDVkMWFiOGNiOGQ5YmYwZThlZjA4In0%3D; expires=Thu, 05-Aug-2021 18:32:52 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImFOazdNY0hzTjJGMndEeitLSlROSnc9PSIsInZhbHVlIjoiVHlNZnhvWVZZMzZhQWxPSnpWYU40NVV3SlwvY2g2eHMxTWRlVDhxOU5Oemd2a3hQdkRpRG8xV1N6WFNCYTk0XC9yIiwibWFjIjoiODIyYTVlYjY0Nzk1ODI4N2QyMDI4YWU4ZTg5ODI0M2ZiM2I1Y2FmYmRhZDQ4NDQ0YTlkODVjMjM4ZDRiODA0NyJ9; expires=Thu, 05-Aug-2021 18:32:52 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c856e1405dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181171.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImMzZmpqK2JNdCtSVmZ5TXMraEhPTUE9PSIsInZhbHVlIjoiMGI2TldMUWI0OXBiYzZubDlEZFV1MFRaOGlFTWVrODR1bWJBUk1ENnNRTm5uRHgrTlNcL0dRU2lwUmJUNWlJdXciLCJtYWMiOiJmYzAxZjE1OTkyMTA2MjE3YjIxNDk2MTgxMGNiZTBhMzgzNmFkNDcwNjA2OTIyMDg1ZmI4NzU1YjE3ZjExNjg2In0%3D; c=eyJpdiI6IitpQTBnRzlValwvdjRFRDFReFlZS0FRPT0iLCJ2YWx1ZSI6IkNmb3ZYZjIxdnAxaGdrVDkycllPXC9BVzh3bk80cDh4OWNmM1NUWGtLY1VKNmJKamVZQStUR2VXanhTVFwvMDB4RSIsIm1hYyI6IjE1YmVjMGE4YjYwY2Y2YzcyOTk3NjA3NTgzNGE4NDBmMWM1MGVlOThjODg3ZjM2ODEzMzdmZDc4ZjdkMWYzYjQifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2196
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRvVKc0fI8oPvwJUaQmPhQnWxxpNDq024w7gDw6wHyQIstEAb3gWJeYQkoiacNRXGzjpPkghSL6W%2B0ZU%2BJqRUJcVPF6e%2FEwQC50BUPFbHfupmh5v92i55HDddZyf5yoC6%2FPlVxr7jzqp0Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c856e1505dc-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:52 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
a9c80b281cc1d2444016f906b5570f6a8d9e519b3f4d22f377162dec10aa4e85

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e77a3e5ff0540fd136302199a14031effb3688dcd81530f506e3753638b1920e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Server
nginx/1.19.10
Etag
3282544f-e0da-477f-9cca-95b6e064c69d
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
a4d9130e-5873-458b-a153-fa297e7da8be
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/a4d9130e-5873-458b-a153-fa297e7da8be
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:52 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.859885633390733
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.5226340990413176
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:51 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=60049091&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=333134195
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66272
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9ItmETxwptrbEQO7q-HmT6c3dyef4OH4UiYSS-0N6qlbR9nnMwWxGw==
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:52 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6InRMOHgwTlc5RnU0eHJcL3VhZnl5aGZnPT0iLCJ2YWx1ZSI6IkUzb2Zrclh2U0JxVDNQUFdjRzlpTFNLT2FoTjFFZW5Kczh0UXpDYjZBR0FKQmdXWjVKTklVQ3RCcTg0dWtpMHkiLCJtYWMiOiI1ZDczYjgxYTAzZDk1MTYzMTg0ODQ4NTg3Zjg4ZjJlOWNlZDZmYTEzNzc5ZDVkMWFiOGNiOGQ5YmYwZThlZjA4In0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InRMOHgwTlc5RnU0eHJcL3VhZnl5aGZnPT0iLCJ2YWx1ZSI6IkUzb2Zrclh2U0JxVDNQUFdjRzlpTFNLT2FoTjFFZW5Kczh0UXpDYjZBR0FKQmdXWjVKTklVQ3RCcTg0dWtpMHkiLCJtYWMiOiI1ZDczYjgxYTAzZDk1MTYzMTg0ODQ4NTg3Zjg4ZjJlOWNlZDZmYTEzNzc5ZDVkMWFiOGNiOGQ5YmYwZThlZjA4In0%3D; c=eyJpdiI6ImFOazdNY0hzTjJGMndEeitLSlROSnc9PSIsInZhbHVlIjoiVHlNZnhvWVZZMzZhQWxPSnpWYU40NVV3SlwvY2g2eHMxTWRlVDhxOU5Oemd2a3hQdkRpRG8xV1N6WFNCYTk0XC9yIiwibWFjIjoiODIyYTVlYjY0Nzk1ODI4N2QyMDI4YWU4ZTg5ODI0M2ZiM2I1Y2FmYmRhZDQ4NDQ0YTlkODVjMjM4ZDRiODA0NyJ9
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6InRMOHgwTlc5RnU0eHJcL3VhZnl5aGZnPT0iLCJ2YWx1ZSI6IkUzb2Zrclh2U0JxVDNQUFdjRzlpTFNLT2FoTjFFZW5Kczh0UXpDYjZBR0FKQmdXWjVKTklVQ3RCcTg0dWtpMHkiLCJtYWMiOiI1ZDczYjgxYTAzZDk1MTYzMTg0ODQ4NTg3Zjg4ZjJlOWNlZDZmYTEzNzc5ZDVkMWFiOGNiOGQ5YmYwZThlZjA4In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dK0iZCX7tY8D3XyuvtPeb4Rn4AE8Qq1agYWrBHFqyIA6H6vTpw6NKDwuS79mulClB3Ui0DSljYyMeMtzjX0gfnbIAv4dZZj5pMV3%2BihXvtVoJYIJZSz1sDaGMM5jAFYicO9QD0syjTFVfpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImJxNW5YdGMzQUhpeXZDS2Z5TWxsWWc9PSIsInZhbHVlIjoiU0VkSzNVRDZBSjI3N1NsMW5rRDRHOUVcLzZRY0dKa2pEdmJiRGwwTWU0aWpMb2RjZ3U5R3NObTdUNGNMVmwwUU0iLCJtYWMiOiJlYmI3ZWRkNzJiNzIxZjgyZWYxMWViYmVlNmYzOGMwMTFjZDUwOWIzNjNhZTlkZmNjNzRkMWM4MTk2MTk4MjIwIn0%3D; expires=Thu, 05-Aug-2021 18:32:52 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ilwvaisybkhldm1RMGdpTmk0ampYSFl3PT0iLCJ2YWx1ZSI6ImFVMTJRVksyVVQ1XC9XMW1nNjVDTTNNVGFDUjBTMENoWWx6cWZqbHpkOGtOVmkzajd3eVpRbzhjNm9jR3FQanNRIiwibWFjIjoiNTMzMmU5YTcxNmYxYTJiNmY4NGRmYzFiZDcwN2YyY2FkNDMyM2ViMTc0OTE4NDgxZTlkMzUxNTBmNWNlNDg5NiJ9; expires=Thu, 05-Aug-2021 18:32:52 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c861f7105dc-FRA
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.7123900165989177&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.5471068351948849
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 8087 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
tnPYulg9Rx6zpkVlrqMOrO6QY1Fk3Bu3psUeE3f8BKFEv0-PWX-NyA==
age
1613782
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:51 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:52 GMT
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:52 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478f7672809d30ff976c0e43e180a42b5055c76729ea2f570d4604fbec96ed1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImJxNW5YdGMzQUhpeXZDS2Z5TWxsWWc9PSIsInZhbHVlIjoiU0VkSzNVRDZBSjI3N1NsMW5rRDRHOUVcLzZRY0dKa2pEdmJiRGwwTWU0aWpMb2RjZ3U5R3NObTdUNGNMVmwwUU0iLCJtYWMiOiJlYmI3ZWRkNzJiNzIxZjgyZWYxMWViYmVlNmYzOGMwMTFjZDUwOWIzNjNhZTlkZmNjNzRkMWM4MTk2MTk4MjIwIn0%3D; c=eyJpdiI6Ilwvaisybkhldm1RMGdpTmk0ampYSFl3PT0iLCJ2YWx1ZSI6ImFVMTJRVksyVVQ1XC9XMW1nNjVDTTNNVGFDUjBTMENoWWx6cWZqbHpkOGtOVmkzajd3eVpRbzhjNm9jR3FQanNRIiwibWFjIjoiNTMzMmU5YTcxNmYxYTJiNmY4NGRmYzFiZDcwN2YyY2FkNDMyM2ViMTc0OTE4NDgxZTlkMzUxNTBmNWNlNDg5NiJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:52 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D; expires=Thu, 05-Aug-2021 18:32:52 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx0Z8cCXqRJpKyTtEwQ3rQXzLWQN7%2FUUJlkaOqs8l2EPMd2P5E5%2FR2Wpwc2pXH4RKiuLD3%2FqajR3nm3yWoZZOhIEGegrcMEXtXeFAhdz31JdsUGBigdstoGL%2B4MbsLp6Rw2A4KJQGIu8L70%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c890e1105dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1483
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFetcv7a2UUEBnY65o3k%2F72f0I%2BvGNXP6cvHH5LFxt%2BiALk5k6VCWjaHWqG1Ulqw09nIekIBB3lXWJAeoTe3IUoznYLN8kh%2FnRBIAOxDygjmPV66Y668EPgf%2BBLKV70f7xBfKUcWwu3Ht50%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c8a490205dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
760 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1483
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyvWHfArWPMWSWQH4xOKTqaqWJ%2FTI1QjMBQVMhAkUJ0PGa3yNfftZfYf1cHNO8e17%2FXxCOwJduipno3OrAaSlKUIQ307gXIHsQvnchEKOf71A7iD5m8TLhZ3O7kzs3RxmMuZynbk1o9vNCw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c8a490405dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:52 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1483
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4eIMYDTZ1D7pHHCpu8Bd6yij40HrHPO%2FopQWAxJpYbuvheaOzSY3Wd90SCHuThnMYA9YAbza0Twm%2F32N4vZd2mbABNdUcLjyw1ImjhN6%2F9AOl5%2FQA9BeZGZviBuiHXngxEOJPttp3HNKhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c8a89bc05dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1483
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FhykLPGrv%2FcrhsxzZ1wvZwyVgMXXOWEWt9Stqt99Yii3E39f0UWpuluvfQl9EjMjKfozFSRFhTH4ZBEYpDa%2Bih%2BmzgjKKkLtuvKPVKs2q1Ru%2F8I3xIQ3UKRIBiOc1XgaSQMlx3HhaYlX9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c8a89c005dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwGFQ2yOUvSSXIleuVqCm1FhRSUu1EW0ZwlRzlRwWJ9hG%2F44pOdTToo6HIvGePGuf%2Bb9xQHUzB%2F2TroypqM48Z%2FghCzjqNRJsyzXwWXd7y1iRewTlMc%2ByEcOBw4amr5%2Fm7jb9Zs0LKQFrk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c8a695605dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:52 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1483
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vh94di4QNrsef2V%2BUXQLAhaFjZUUrbU%2BM4jxmatyaFCMYHXAf%2BJvWQp%2BOjlWQ2M3XbFO57hnMUxo7OCSfnnK0HxeaZJ3kCPBJqZ6uj3YmTQ2g3Ke067CTsJcPC6PaetgfKGu4AHrcu8FyDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c8a797805dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2657
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjpp%2FW%2F0aU8Zb540J%2Fge3rdPcuE8IO3Jg9fxo1x5G4mpMLR0iBkDGqJVhXaTuciziFvXm%2FTeBai4IsrcJ4TWERP3ADyBVzyoQLKF9ZqHizfSCx%2BTURT04mTgMerEUA5k7qdj3X5uv5%2BaCoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c8a89b605dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:52 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:52 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:52 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
182
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXYzL6y36Z%2B2fKkRx2L2bgo6NcVGV5zRN7%2FNLRSB5ctNJuyBTjRy%2BYRGK%2F8DeMosXP4sIWtWc3UWKm7qMYMzEnltR7v6xpYVeG2v8UT8qfgUBaiYOwVFNpX8b%2FlW97xbFYQg1zHgOeJuCTU8vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c8a88464e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:52 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8815272913229937
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
25da10f66e05aa24de502e97b9f26487fa76213406ea469ad6fbd61e4fff924d

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:52 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:52 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:52 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
0b3efc2e3cfb587d2c1a24bbb6cac4d720964e8c288a7629896a6d0d6194d2e0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
16465b3b0b421fa648fe283387a5729156274e1fa0b14c2277816407eef4676f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:52 GMT
Server
nginx/1.19.10
Etag
09078e67-2600-46da-9ea0-abf275502b6a
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8815272913229937
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.46775265517659004
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:52 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3955d42c321fbe81060b58a781977863d35a896c23098c8885c846ca6509dc8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:52 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3378
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
30
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
na1v0hd66M6K37mlSS1lexNsSULllCd-I4t7iaLvr_ijGZKa9vrJpA==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:52 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2196
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1SkqYqhLJXg2PmybcSeR40%2B1vlbgd0h3ciGLhCTV4mdVfDWtPvYeIHk8NfzkmUAAhtnaPbKtu1jJVenGEzJbdSEaXk0KmRNHmZBn7cSikwePIutB2s12iQreENPk3Niw6Rrxq35zv%2FK%2Frs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c8b1af505dc-FRA
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ%3D%3D; c=eyJpdiI6IjRPRFlGcHJRaW8wYUtjY2EwdDFwMkE9PSIsInZhbHVlIjoiNHZxS29sc1dCY0tFeEtmMlJFU0F4dFhMYVh6ajJ4MDF3QzJ6ekRadFwvY2RlREpyYzZpWW9mRjRxRmN2VVIxTVkiLCJtYWMiOiJhNGJlMGEyMGQwMzU2MDRmNTJmZWIyMTk5ZDgwZmI0MWJmN2UyZWNjMWNmYWU2ODUzNTIwMmM0YTc2MDZhOTFlIn0%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Imw0WE53Y1cyVXF6SWZ4RmpjUExJU1E9PSIsInZhbHVlIjoiSFl0S1pLK0ZNWURxMzdkOHBhU1Y2K0RUSHNjMGlOdlIyKzR4SG9uRXRqdXlkMGZwdDdnMVh1RFN6aUN2cnV4cyIsIm1hYyI6ImVlMTVjNmYyMWEzNjBkMGQ5OTczZmQxNzRiMzAwNTFjYmJhNmQ3MzhhNTQzYTllMTc5YTkwOWQzMTQ4OWUyOWMifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnFBRK0%2BljLKw4GgcGSHJgWNXosMemAqmc92yI8HXmk%2BB2ZDRP1SbVMPuXq1wxEkYThccWlNTKDRSWc8kkJ2aP7h8Lw94gvj%2BqwieFJUpXU6NKkr%2BdbPZSO39vSedSBw5HoNscQuhH2Mxek%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImRFSU9wRXdSSERcLzBaa2lrdlwvVkVBUT09IiwidmFsdWUiOiJ4SE1rcUFGaFpHaG5oM2p1VE9KeFNTQ2srNjFRcXhMblI3dXcxbjh2ejdISGpKU2JPbHJHZklPZ3lHcDlkMXVmIiwibWFjIjoiNjgwNjIxODBhOTdlYWExMWFkZGJmYzQ4NTZlYTg4Mzg1Mjk1NzljMjlkZWE5MjI3ZGU5NzNjOTg4NDIxOGQ5OSJ9; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjhjZVJIVEtWNG5aRG9YZHJpNWxLalE9PSIsInZhbHVlIjoiY2duZkp6VkY2VUpZV2dTY01ERHdncE1xbUtDSTk4OHE1WDBmT0JGcGdzVDlVUTNVdFV3cW9WaWp0MktSOGY4UyIsIm1hYyI6IjlkZmI4YTExOGM3MDhlMDdlZTdmMTU1ODY0MTA5OGE5YmI3ZDhlMjczYzE0Nzc5NzM1MjBkNjM4MjQ3MzYzNGEifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c8b3b4e05dc-FRA
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:53 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:53 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
ba22378f-9fdf-4920-8ccf-5afa00a5fdf8
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/ba22378f-9fdf-4920-8ccf-5afa00a5fdf8
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:53 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.7517094850509565&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=897131506&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=2098768311
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66273
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8088
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
CjHH0nF63h6fXGABgqVV8OsDitTdxE_il6Af5FaM84OHeK74RYiGig==
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.4213278164376677
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6ImRFSU9wRXdSSERcLzBaa2lrdlwvVkVBUT09IiwidmFsdWUiOiJ4SE1rcUFGaFpHaG5oM2p1VE9KeFNTQ2srNjFRcXhMblI3dXcxbjh2ejdISGpKU2JPbHJHZklPZ3lHcDlkMXVmIiwibWFjIjoiNjgwNjIxODBhOTdlYWExMWFkZGJmYzQ4NTZlYTg4Mzg1Mjk1NzljMjlkZWE5MjI3ZGU5NzNjOTg4NDIxOGQ5OSJ9
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; XSRF-TOKEN=eyJpdiI6ImRFSU9wRXdSSERcLzBaa2lrdlwvVkVBUT09IiwidmFsdWUiOiJ4SE1rcUFGaFpHaG5oM2p1VE9KeFNTQ2srNjFRcXhMblI3dXcxbjh2ejdISGpKU2JPbHJHZklPZ3lHcDlkMXVmIiwibWFjIjoiNjgwNjIxODBhOTdlYWExMWFkZGJmYzQ4NTZlYTg4Mzg1Mjk1NzljMjlkZWE5MjI3ZGU5NzNjOTg4NDIxOGQ5OSJ9; c=eyJpdiI6IjhjZVJIVEtWNG5aRG9YZHJpNWxLalE9PSIsInZhbHVlIjoiY2duZkp6VkY2VUpZV2dTY01ERHdncE1xbUtDSTk4OHE1WDBmT0JGcGdzVDlVUTNVdFV3cW9WaWp0MktSOGY4UyIsIm1hYyI6IjlkZmI4YTExOGM3MDhlMDdlZTdmMTU1ODY0MTA5OGE5YmI3ZDhlMjczYzE0Nzc5NzM1MjBkNjM4MjQ3MzYzNGEifQ%3D%3D; _ga=GA1.1.673974121.1628181169
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6ImRFSU9wRXdSSERcLzBaa2lrdlwvVkVBUT09IiwidmFsdWUiOiJ4SE1rcUFGaFpHaG5oM2p1VE9KeFNTQ2srNjFRcXhMblI3dXcxbjh2ejdISGpKU2JPbHJHZklPZ3lHcDlkMXVmIiwibWFjIjoiNjgwNjIxODBhOTdlYWExMWFkZGJmYzQ4NTZlYTg4Mzg1Mjk1NzljMjlkZWE5MjI3ZGU5NzNjOTg4NDIxOGQ5OSJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZx4MVONHq8xGg3aW2od0Jymrx6fJqvmrt%2F%2BO7VlCPpj%2BnDvq7AfCbg8yW0rNNSvxpcWsbDsFM4ffqLzUo6yS7vQiPPGnDPBLCRSoTXzHJd81QWGnhb5LbaDVR06TQnpezHYRLZwxcUODr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImI4QjF1aVNPd0lBOFVxUXRrYUVIbEE9PSIsInZhbHVlIjoiMEpFK1dSOU1KR1RFMHJYSkVJZk9KeGMyK0JFUUJ0bUlqN2wrQ3prS3ptT2Jrbk9PMVdcL3pJd0ErSlwvcXVrYiszIiwibWFjIjoiMDJmNmFlN2FmOGEzN2RlZWE3YjBiM2YxN2M4YWViOGIxY2MyNmY3NjgyZGUxMmUxZmZmZmJjYTkxZWJmMTFkZiJ9; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkRURE5YTXVkc3U5YVRnN3g4ZExQelE9PSIsInZhbHVlIjoicHhEY083czM5eWEzWU5UckFvOExNckY5RXo4YXpuQ3B0dXk0XC9CK01ZSmFLMkdGcktGa0V2NzFmM3VOZkc3R1YiLCJtYWMiOiI5Yzg5NTMyOWEyMTgwZmVjZDM4MDFiY2U1NGMzNzk3MjFmOWRmODI0MTNmNjZlYWJlMjA5ZjM0NWNiNDE4N2VjIn0%3D; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c8bfcc905dc-FRA
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0dcaa288d7443af6f7a2a7b649169a522483b98cfc69f6313b8d84ade42388c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; XSRF-TOKEN=eyJpdiI6ImRFSU9wRXdSSERcLzBaa2lrdlwvVkVBUT09IiwidmFsdWUiOiJ4SE1rcUFGaFpHaG5oM2p1VE9KeFNTQ2srNjFRcXhMblI3dXcxbjh2ejdISGpKU2JPbHJHZklPZ3lHcDlkMXVmIiwibWFjIjoiNjgwNjIxODBhOTdlYWExMWFkZGJmYzQ4NTZlYTg4Mzg1Mjk1NzljMjlkZWE5MjI3ZGU5NzNjOTg4NDIxOGQ5OSJ9; c=eyJpdiI6IjhjZVJIVEtWNG5aRG9YZHJpNWxLalE9PSIsInZhbHVlIjoiY2duZkp6VkY2VUpZV2dTY01ERHdncE1xbUtDSTk4OHE1WDBmT0JGcGdzVDlVUTNVdFV3cW9WaWp0MktSOGY4UyIsIm1hYyI6IjlkZmI4YTExOGM3MDhlMDdlZTdmMTU1ODY0MTA5OGE5YmI3ZDhlMjczYzE0Nzc5NzM1MjBkNjM4MjQ3MzYzNGEifQ%3D%3D; _ga=GA1.1.673974121.1628181169
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz%2BGUHwkxvaIl%2F6makJaV939hT3g2s67w5wB8OkOpNEAlV1m3n05PhhSUY7JOnOqBiTcrM0ASWgl7KvqmPfifmaqCPkIrLT2Uc5Lhli9D5BiEUDAZaczhp3n7aSzRqy1I0wRL18NYX98v7s%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c8c0d1105dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 2F85 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
kazm7LQyyL833fwNxuw_AwbGX1cpI0gBcPpC3nmBZ8DbYlYxlKHmbA==
age
1613783
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:53 GMT
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1484
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPJu36a2DSLZ6N7f6xWVcE4eDl6N4QywZTI7wfO2lpKTVZodYwaUHGtEZqAjFXmxJsGe6bFrgj5DmniJSVkbKqCtqOPZY%2Bab8ywffxMpDhw7Z%2FyW0odBa3bSLda3KHcqy8ZNJTt9qLBxp7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c8d582a05dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1484
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0muECkiaJcLJUiqSeWSCOpaO2AOdElGPuaIaM4b9UV0rhFECo5tmjqhtPTs%2BmWSeAvylnHVAYB0Ik81fPUDw5kwAeRQOgNLcppdBF6jC3ymIpWw1Vbr4r%2Fh9l%2FeOW9%2FsB4H%2F9uVo9jBxx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c8d582d05dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:53 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1484
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FsRHPhLY0SmZgXFFhmlzjSOl3MCCvQXy5D9KThps7c1GiuOnR8rkWM0%2BXAZLwk9%2BxOUb%2BGyoxQd8Gr8p0xpWL5EneBRVO5QB%2FGv%2FmHhpFNG%2F96QpZr3H8HM6YsvtN2lhN5oq1c6BRBy%2Fgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c8da91505dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1484
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6OjjtXqNUHpDjFVwmaDR9SmvRyiSeHNvcwgDY6KnkY2Ol7PhfwRM0hkQxEO0zp%2BF%2FVFyFUKbD0UXxHpnbUO0Fa4aAXVbCyKNhTIWfbNzquhhPWKBhR1Ggn104c39r%2FbDWkVoFUORWoj1UU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c8da91605dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7yYxaO8SXlSpAxMvVCIAH8PLr56crbyxFgVu8HxWBN2UkvPB11sQsM9kzgsTKC4Z84lPcaBoZDGY39kcM8Sy%2BlHXyx%2B2L8m7FzmF8v7XC%2B3avmxRXeoR4HvN7JEVSUoiQW8e9%2B4R45%2FpH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c8d788d05dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:53 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1484
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpgsi2z%2BwSnhDLPOltbrLehRcXtlEvX5YJoPseUrK86KPsL8HtKgiLetteH2kWNeXi6R6NTZ%2BFrySwgP6CD5MIwMbmatko34Bgc5c8OWNZm6kGuB7QonBosXDSJ1SSrwplZCZKsGppfYMz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c8da91005dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2658
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNZ9EpxN63v2A1lxPuwBwiX37lZaHlFuJ2tMCVrdXPvhZAjtm1%2FghF19GE3wJxmI0EgC5VX%2F4S%2Fd3MbFm8UqZM6%2B5tLgq7vsIydwRKtEyveHEe6LfGTjBZ8%2B%2B0QXB8jTaXVpiMZep5PE7i0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c8da91305dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:53 GMT
hp
in.xr117.xyz/ 		382 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:53 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:53 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
183
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzvlVO6hMgWGfXLO%2BpkT6Xu%2FOt5XSf0iqVw5Yy2eFvlejzMsrzL1qNMt%2BiiJ4oTuoSfCeWhuaiv7x64zsbxvWnadd1g%2BWR8zOtu%2Bu7B%2FIAlE3oJB3WlqUrdcN4VUare6wePzif1G80dLSmmOnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c8daf734e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0b38bfd020af6d1619b15a9a7642bcb8568072cf19b302e994838622e4f8a14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41862
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:53 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.6851762575228337
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b4d44ad5bc3c861564ae89e37e546cf1eb8f8ee1b8ecd21dd754b85128015e32

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:53 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:53 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:53 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
62720bf79ec388c25e96b69f10900140ef5de448497af3bdac944bbb32ecefb2

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
655d9f3b2fc094b1cc4a4ccb83e662af7e5920bf77ac351a0b7911f02b26087f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Etag
5e44eeed-f175-4eb3-abf6-4b5f5dcc7c7e
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:53 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:53 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:53 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:53 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:53 GMT
locate
tgfunnls.org/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gASLMwUKZvPWzO1eNPH2%2BBAALySQwwN85iYRfqWTm5%2F%2BG1S20q0gc6Vx3N3iprt3JLLKK%2FpYn5hFWWGxYCKxDooyTz834SVWCWUCl32NyjQrjWJr34i%2F2Aovn9FtNGJ3Fl8B1KtUTDk0qGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlwvVHJmaTFmdGJpQzF2VVBsXC9Db2UrZz09IiwidmFsdWUiOiJuRVZvVkxYTk5uZVkyVWRtOEdzT2ZIOVQ2VVVuXC9pTCtmTW5nMDhJcndoeFFhait5RG4zZGlyZzdQSGhXUUhtMiIsIm1hYyI6IjJkMTQ4NTcyMzUwMGVjNmNhZjQ4OGY2NmMwZTRlZmY5ZTk3YzA0MGViMDQzNjczOWVhNzczYjlmZWY4NWRlYTYifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/ c=eyJpdiI6InBlakxHUU1XU2VCeGtWTGVcL0JEZjBnPT0iLCJ2YWx1ZSI6InM3OVZCbFIxczlNUjQzdWlSa2JTenpVQVU0YjhaWTlDclNIaHlYdUJGRktJYUl2aUZhbmVTV0VqSlJGXC9qV1ZQIiwibWFjIjoiYWQ2ODBkMzk0MWNmMTc3NjY3NGI4ZDIyMWE0MGVkMTY4MDk0ZTk2ZDMyOTcwY2JkMTg2ZWRmYjY2Mzg0NTZiYiJ9; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c8e3a4705dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlITWtqSUQxMWtRaUhudWxcL0NaS2dnPT0iLCJ2YWx1ZSI6IjNYRHAxcDZLZVgzdW9FcUNGaGFlZXIzYVNxVEZMR2dvbnVVZWRtU0xUWWRSTEVrMnRwWGtzR3ZMUmRNemo1OWYiLCJtYWMiOiJlZWVmNGJkOTU3YzA1OTJiOTcyMzQ4ZjRiODQ0YjMwZmU4OTZkM2U4ZDVkMzQyZDU3NmJhNThiZjhmNzVjZGFjIn0%3D; c=eyJpdiI6IkVBVWNlQnV3WkJtdW8zWktySGpYdVE9PSIsInZhbHVlIjoiNGNGVytESEpkcXVSb2ZIbzVVc1wvcFROMjRNRzRWM3I3UFNjQmNCUzVEQmlWWU11YTA2ZXY0XC9BdjJvZ0pIMHNZIiwibWFjIjoiYzc4NDRiNDlhNjhjNzk4Y2E1ZTg2MjM2NmUzZTNlMGJjOTdkM2UyNWMyMzA4MmYzMjcxNjM4NWE3OGFkYWZiYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2197
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3IKkvgVsWnd8dAYBbJL9qFchiEzHjA8oYROrc09uXeLoiKxXTdoOair4LdyVkkxH5sDAHCcAv4JIbebEJ8Ces04EYE5r4P2mS%2Bd7WMZ1%2BXnqEdkEBsf27zBZ79LkWY%2BKsWE6J0CggMtLws%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c8e4a4905dc-FRA
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:53 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
5aa5e44d-6bba-4771-ac83-4902a29a537d
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/5aa5e44d-6bba-4771-ac83-4902a29a537d
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c52f07c64331e4ba4ced4ae100a81c7ffa8fc6b87e5aa03178cdbea531bc6d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:53 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3379
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
31
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
ud7tKikAbcOQsdtTAe5qO9kZ6DbiM1WzroostA5r5vr7MzhJKTeTcQ==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:53 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.6851762575228337
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.18425719955265496
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:53 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=2068472237&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=704101521
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66273
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IlwvVHJmaTFmdGJpQzF2VVBsXC9Db2UrZz09IiwidmFsdWUiOiJuRVZvVkxYTk5uZVkyVWRtOEdzT2ZIOVQ2VVVuXC9pTCtmTW5nMDhJcndoeFFhait5RG4zZGlyZzdQSGhXUUhtMiIsIm1hYyI6IjJkMTQ4NTcyMzUwMGVjNmNhZjQ4OGY2NmMwZTRlZmY5ZTk3YzA0MGViMDQzNjczOWVhNzczYjlmZWY4NWRlYTYifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181172.0; _ga=GA1.2.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlwvVHJmaTFmdGJpQzF2VVBsXC9Db2UrZz09IiwidmFsdWUiOiJuRVZvVkxYTk5uZVkyVWRtOEdzT2ZIOVQ2VVVuXC9pTCtmTW5nMDhJcndoeFFhait5RG4zZGlyZzdQSGhXUUhtMiIsIm1hYyI6IjJkMTQ4NTcyMzUwMGVjNmNhZjQ4OGY2NmMwZTRlZmY5ZTk3YzA0MGViMDQzNjczOWVhNzczYjlmZWY4NWRlYTYifQ%3D%3D; c=eyJpdiI6InBlakxHUU1XU2VCeGtWTGVcL0JEZjBnPT0iLCJ2YWx1ZSI6InM3OVZCbFIxczlNUjQzdWlSa2JTenpVQVU0YjhaWTlDclNIaHlYdUJGRktJYUl2aUZhbmVTV0VqSlJGXC9qV1ZQIiwibWFjIjoiYWQ2ODBkMzk0MWNmMTc3NjY3NGI4ZDIyMWE0MGVkMTY4MDk0ZTk2ZDMyOTcwY2JkMTg2ZWRmYjY2Mzg0NTZiYiJ9
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IlwvVHJmaTFmdGJpQzF2VVBsXC9Db2UrZz09IiwidmFsdWUiOiJuRVZvVkxYTk5uZVkyVWRtOEdzT2ZIOVQ2VVVuXC9pTCtmTW5nMDhJcndoeFFhait5RG4zZGlyZzdQSGhXUUhtMiIsIm1hYyI6IjJkMTQ4NTcyMzUwMGVjNmNhZjQ4OGY2NmMwZTRlZmY5ZTk3YzA0MGViMDQzNjczOWVhNzczYjlmZWY4NWRlYTYifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZGMq4Z8a6ev0xtmK90xKA%2Fu6kJEPDOXjCQTMw4LnV9%2BwUIIUruj5mkl1cK8WiwWvubPj%2BKmie4q3LkuGhGw5dW0IiDx7ViYiwaLvzMdjfMEsvC3ol%2FS8I9dEm7mThf8hJ7WYv5m%2BhBO7CA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InlqSCt3REt5RnJ2YWlkbTZVcGxDMEE9PSIsInZhbHVlIjoiTTkrVWJvbUdOckQ3RDFNQ0hHVmx6WE5QcFBYZ08reGlVUjQ5UWxBQkRqMzQ5UFZUS2hQQUFKS0phK3ppdWk1SCIsIm1hYyI6IjkzNWIyOTE1ODk2YzNhMTNiYjYyNThhN2ViMzhjMTc4OTU4ZjI2OWU0MDlhYTk2NzQ0NjgxNjY2YWUzMTQwYjUifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/ c=eyJpdiI6IldpUGpmXC93Tm8wczRJWlNQVmMwdWVBPT0iLCJ2YWx1ZSI6ImtzR1loQ2VBRDdLbDJXK2NvclEzdnY4S2RDUTJkamM2WmRcL1oxWm9relFGdnRCZ1hYbUlsXC9VXC8wZUwyZlVTdHgiLCJtYWMiOiJiZjE5M2Y4MjQyY2I1NzA2M2RhYmI3M2UzZmM4OTJlMjNlZGRmMjFhNGMwNzgyMDllZDcyNmJkOTAwNTljYzE0In0%3D; expires=Thu, 05-Aug-2021 18:32:53 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c8eec3405dc-FRA
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8088
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
VG5RJHWHBgSIm7CZBCjy88bVcNbCCFzKpu-BEcScfapudYcKM3WlyQ==
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 8B75 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Fut4Ecqkz6QpU6gEy8ULezipFBECJ--f6qvHoXyXxUqcEsD5QqXJ_Q==
age
1613783
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:53 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cdac7601623f54e7e7a20969eaf93ad8a178fcd75439a3b8698c02db20e5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InlqSCt3REt5RnJ2YWlkbTZVcGxDMEE9PSIsInZhbHVlIjoiTTkrVWJvbUdOckQ3RDFNQ0hHVmx6WE5QcFBYZ08reGlVUjQ5UWxBQkRqMzQ5UFZUS2hQQUFKS0phK3ppdWk1SCIsIm1hYyI6IjkzNWIyOTE1ODk2YzNhMTNiYjYyNThhN2ViMzhjMTc4OTU4ZjI2OWU0MDlhYTk2NzQ0NjgxNjY2YWUzMTQwYjUifQ%3D%3D; c=eyJpdiI6IldpUGpmXC93Tm8wczRJWlNQVmMwdWVBPT0iLCJ2YWx1ZSI6ImtzR1loQ2VBRDdLbDJXK2NvclEzdnY4S2RDUTJkamM2WmRcL1oxWm9relFGdnRCZ1hYbUlsXC9VXC8wZUwyZlVTdHgiLCJtYWMiOiJiZjE5M2Y4MjQyY2I1NzA2M2RhYmI3M2UzZmM4OTJlMjNlZGRmMjFhNGMwNzgyMDllZDcyNmJkOTAwNTljYzE0In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:54 GMT; Max-Age=7200; path=/ c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D; expires=Thu, 05-Aug-2021 18:32:54 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8e9ce3ye9mwyyMGs%2FlBrL130zkLomnaNjyoV4kUQvN%2FqArZXcBvdQTMQKnglmYWJmb0H7ER8jisJkEBCDNkpD9CqyGxir1uu6WLFVntkSeqNHLMjXj5oMtD9fsJgXGEMKOuk9F3VISdF28%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c916a6e05dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:54 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.43554508023539396&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.5651527549741484
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1485
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceg7THKQt6as7sJPqtmVaUYzjKDCWOagT0ze9eygkNcCsFRfd%2B70uuSGLR6PrP541rTDL%2FXTa8zr4hhNbFHkZY0m0tZwXq1vrGZrgZb5jaw6e6DJkT7%2B4c0ryjBZ7POXin0eAQ7g2Wr2pQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c932e1105dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1485
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsDwPGNSAN6CcEBK3IaVYLf7f6%2Fdr2SSEJSX0WqezWeCGaCjYpxDfvVwze4rZlfn2KXzHz%2BXBpONlMlVIEk9zBS9SQ6dvx%2FZxs5F%2FpGhmg7KqIfxUh4%2F1cs19s%2FkpcvmTobgevr%2Bnr9Uj%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c932e1305dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:54 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1485
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9RAKvDELO%2BSMiJY7L3aMQl9i1JwNNK3S56wa%2BNB4gZCLIcxHFN5cxRqRnNwrsOChXKIwi9KxX6PSuy4g46aGTw1Q4FbBI1d6g0X6viUqGMeG76cwM9N3CU3SDIdI4iF4nrSMk792Exg8GA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c935e9d05dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1485
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5qQvhSgZiN6vV9pWgY7G2tXV9dEckBFEsZSGQCW0Ne8JY0AL7PYP0oL0D5t%2BmBXToAEKr4n08CiXU%2BJas8cg0eUW9Q%2BN1a717hphR6%2FQ266S8QpCW%2Bb4RfirmHnkqty%2BEkTGbo3L0Ve0pI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c936ea205dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKZENc1eJqRWoDIIzA3LOACU1HPDGHAKvPurEycEPykSNzIUXgedilvPED3GydeH%2B3FcDcbPom4Wd0OWLjRngBM%2B5EbTpSvLwROTjdTIBOlstCszF%2FxSZ5XLq9ZyobXEFXKkXwpk1%2Fu1K8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c933e4a05dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:54 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1485
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jsDTk3CaLHqvBHU%2FZXuVSxSJ8M54pmM9rHqEm%2FOfDvPg7Osys%2BJZmpAVTiDH9slf7nOcOtazveX%2FMEds0ALkiL%2F%2BU7JeNjU2XzYB7lQcKZny0bD%2FAnL9yyxNRr9hQdZTOEtjSTmimrowB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c934e7905dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2659
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlfs2Xk3qWFdXPbDJD%2FGr6%2F7BawwxlKsRKKBclNsT49CZE3fHisEx%2BKoI6LXCIBu1lRprcPNVx9xq55qPUlYhz1u%2FV1DviE3Dt7BvODrofOgJDfCJs3mhjv4sWT6Hqm7uDSiDBee4VmR1aI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c935e8805dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:54 GMT
hp
in.xr117.xyz/ 		382 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:54 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:54 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
184
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6m188%2FfZ3MTWm%2BFVVF07DCKifsxqJrtmSB3j%2B%2FbIUIQ%2F5FBkK4VerUMR%2B2F2DPEdl5JTx2NL%2FLuLFNk7MOSY5g%2B1umt4rewY8%2FYLANV3dByMJSViEeonenZzU0ssd4MVag7YCn5kZNZu77%2FhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c936c3a4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:54 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8413230813540642
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
88589a3105395d8e9f05b61be662a99cf1ca5da9f72cbf0fe8716da8ef353a1e

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:54 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:54 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e8a665363deeceb06c9807ee73785b6ba99f3669e6479e56c00e8006c7a24e6c

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:54 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0355cc14bab476b0dd48a2a8003eb8a1de208838d6053db627cbe000b94dae74
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:54 GMT
Server
nginx/1.19.10
Etag
8f17f46a-a563-4f43-bc1f-0237ee882df0
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:54 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:54 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:54 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:54 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:54 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2198
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uynpp8o%2BlwsvLASI9GwpW9NJdt6oOoqUTYXyCem87ohAn2fBvtCen%2BjBSmJ2urEVoEkauLUyVHLluMTtidMdbSk9YF1tv%2BiABYwJOXWJvR0zG7s040vVh9TdaLUcsB820EuVI%2BQeEUer5ic%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c93ffde05dc-FRA
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181173.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ%3D%3D; c=eyJpdiI6InY3TWRQU3ZibnIySXZOUGRGUzJCVUE9PSIsInZhbHVlIjoiZ3lpS2MzTUhtbnN2QlJnWDJcL2ZYZzNKelFPOUNvQ2xDZE85bW9SSWxTMnM1OUJybnhZSWdUcWs2Rit0SzRYbXAiLCJtYWMiOiJmZWRkODEyNGZmMDFkYjIwNWY3NjJmOGU4MzhhNDU2MGNkYzNmNTMxOTI2ODZkNmU1YmQwMzI0ZDM0NDZiNjczIn0%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IkVNQklva0k3VnJ6SWpUYjIzT3lySGc9PSIsInZhbHVlIjoiZllIVmlDSG1YeEVYdjZjZTNLcHNRSHQ3MHhObVJUcmZwMXNsNWZ4MWFjeCtNT1dLYlhTa3Q4bytneHFGc2hvbCIsIm1hYyI6ImVkZDViNWMwOTg5ZmY3Yjk2MTc0OTU3Nzg5ZGNlN2YzNzQyYzI2MWVjZmM2N2JkMWZmZjYzMTBhZGEyMzU5OTMifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FG8u3EgnImkZFwJz2FHJoQ590%2B7zB5Vhf4rnN42%2BflW%2FxLR3NtVjAobNEqjgTHpHHLjd7SrSX4tXGB4sJHxoVayX%2FXaJxnJidZZrF7x3PVxZvWslgZWff%2BMNuGMruRd21VLsQWShC364OQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlVnRG0zUFI0WHVMV0c2N01vZ0w5VkE9PSIsInZhbHVlIjoiYko5K0VTK09QMUZpbnJJcVYzdUM2ZjZzZmJvTVVOaW9qMEIrWHc2MStZWUYzck1aNWkyZUwraFZjcGZQWERTQyIsIm1hYyI6ImE4YTc2YTVjYzgzOWE0MmI4NDE4NTMyMTgxY2JiNDdhYjBjYmJmYTZkMmI1YTg3NzY4OWM0YjBkZmQ1YTVhZGEifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:54 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjJ1WlFJY0lOd3I3T1VWWTZwRko3eEE9PSIsInZhbHVlIjoiYU1mdkp2eUpvTVpPaFBnR2ZRTHFLM1ZzeGV2Q1hzbVpcLzJxSjdCY2JkSklYR3NDOG16dTFhWlY2cER2cTR6a0ciLCJtYWMiOiJhOGMyNGI0NzI4MzhjMmE4NTRmM2YwYmU4NTQxOGIxYmIyYzZjNTQ1MmZlM2Q4MGNlY2M0MjVmN2ZmMjdiYjIyIn0%3D; expires=Thu, 05-Aug-2021 18:32:54 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c94183405dc-FRA
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8413230813540642
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.20593569560877256
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3955d42c321fbe81060b58a781977863d35a896c23098c8885c846ca6509dc8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:54 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3380
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
32
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
4XFHnjNpLvcmRl18XRKFF5hrKS48JWOL58cY65wM4rVTK_oNFvNq1w==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:54 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:54 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
eed2481d-9ed3-460f-a85d-aecb4dfdf40f
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/eed2481d-9ed3-460f-a85d-aecb4dfdf40f
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:54 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:54 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8089
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
cPGRVambDIYQ5dZwA4t7H_F8S0ElXJk8wqOF-GMSoE6XmeIR02fjjA==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1295041459&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=124588268
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66274
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.09455455204071428&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IlVnRG0zUFI0WHVMV0c2N01vZ0w5VkE9PSIsInZhbHVlIjoiYko5K0VTK09QMUZpbnJJcVYzdUM2ZjZzZmJvTVVOaW9qMEIrWHc2MStZWUYzck1aNWkyZUwraFZjcGZQWERTQyIsIm1hYyI6ImE4YTc2YTVjYzgzOWE0MmI4NDE4NTMyMTgxY2JiNDdhYjBjYmJmYTZkMmI1YTg3NzY4OWM0YjBkZmQ1YTVhZGEifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlVnRG0zUFI0WHVMV0c2N01vZ0w5VkE9PSIsInZhbHVlIjoiYko5K0VTK09QMUZpbnJJcVYzdUM2ZjZzZmJvTVVOaW9qMEIrWHc2MStZWUYzck1aNWkyZUwraFZjcGZQWERTQyIsIm1hYyI6ImE4YTc2YTVjYzgzOWE0MmI4NDE4NTMyMTgxY2JiNDdhYjBjYmJmYTZkMmI1YTg3NzY4OWM0YjBkZmQ1YTVhZGEifQ%3D%3D; c=eyJpdiI6IjJ1WlFJY0lOd3I3T1VWWTZwRko3eEE9PSIsInZhbHVlIjoiYU1mdkp2eUpvTVpPaFBnR2ZRTHFLM1ZzeGV2Q1hzbVpcLzJxSjdCY2JkSklYR3NDOG16dTFhWlY2cER2cTR6a0ciLCJtYWMiOiJhOGMyNGI0NzI4MzhjMmE4NTRmM2YwYmU4NTQxOGIxYmIyYzZjNTQ1MmZlM2Q4MGNlY2M0MjVmN2ZmMjdiYjIyIn0%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IlVnRG0zUFI0WHVMV0c2N01vZ0w5VkE9PSIsInZhbHVlIjoiYko5K0VTK09QMUZpbnJJcVYzdUM2ZjZzZmJvTVVOaW9qMEIrWHc2MStZWUYzck1aNWkyZUwraFZjcGZQWERTQyIsIm1hYyI6ImE4YTc2YTVjYzgzOWE0MmI4NDE4NTMyMTgxY2JiNDdhYjBjYmJmYTZkMmI1YTg3NzY4OWM0YjBkZmQ1YTVhZGEifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKAusytoPnss7tzuzBEj6GnFx8tAA%2FTOTMRElDTG8Gt3e4GxgTbJpuPj1sSM3c77Iu1XV9Eo%2F6Ipmrpm4juSmZUcGlH6iLhhImJIQJG%2FvaGNkr2wqqkXqojh0nnu6eVe7BC1FeQdILo%2Fz6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IldvMFBiNVhtbGdTN1dZck81bTNLcWc9PSIsInZhbHVlIjoiZTlZSHhydXJpbW53WXNEWHYrRVF5TkNVd1dLQm0ydU4wQ1htd25YUStLek9IZThQb0M0NjlBZEllUUhLdnRCTyIsIm1hYyI6ImQyYzg5MGQ5YjdjMGY4OWQ0MTU5ODVjZWQ4YjkyOTk3Nzc3YTZiZjczNGZiYjdhNDk5ZDM4OTBkYmE5OTQwZjkifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:54 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlwvTlk4MUJUTWRLTCtxVGs0a3FJVTFBPT0iLCJ2YWx1ZSI6ImZaZDdJMEhaUjRPMTJQVW5TbTExVUxHQUc3a1wvWUhFTzQ5R2pnS1FkaWJWMTNKeEdMUG91ZndJV3YxSkpLZFJnIiwibWFjIjoiNzMxZDkwYjdlZjdhMjBjMzk2MGVkMzllNTY2NWQ0NTBlMGU4MzJiYjkzZDY3YTE0MzE0MDA3ODhjYThmMjc4NCJ9; expires=Thu, 05-Aug-2021 18:32:54 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c95aafc05dc-FRA
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 33F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
arJ40W7Pk-1Oyzxg6UXJ4oqjcb-wDT58CUcIVwY2hfh-4VxrTltzKQ==
age
1613784
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.5806332227087683
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:53 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:54 GMT
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:54 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:54 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a84a100cb4d5253d71a3af35b9ca6dad21b3dfd7fd18053935fa66cc6b0ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IldvMFBiNVhtbGdTN1dZck81bTNLcWc9PSIsInZhbHVlIjoiZTlZSHhydXJpbW53WXNEWHYrRVF5TkNVd1dLQm0ydU4wQ1htd25YUStLek9IZThQb0M0NjlBZEllUUhLdnRCTyIsIm1hYyI6ImQyYzg5MGQ5YjdjMGY4OWQ0MTU5ODVjZWQ4YjkyOTk3Nzc3YTZiZjczNGZiYjdhNDk5ZDM4OTBkYmE5OTQwZjkifQ%3D%3D; c=eyJpdiI6IlwvTlk4MUJUTWRLTCtxVGs0a3FJVTFBPT0iLCJ2YWx1ZSI6ImZaZDdJMEhaUjRPMTJQVW5TbTExVUxHQUc3a1wvWUhFTzQ5R2pnS1FkaWJWMTNKeEdMUG91ZndJV3YxSkpLZFJnIiwibWFjIjoiNzMxZDkwYjdlZjdhMjBjMzk2MGVkMzllNTY2NWQ0NTBlMGU4MzJiYjkzZDY3YTE0MzE0MDA3ODhjYThmMjc4NCJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:55 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:55 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz%2Bfm4dNG7X0PAfslupbHRU9Emw%2FIfLCsouzTehq0rFr1PXSiL8tRjB5MpATEHabLdaO9NNgiL2sQWLs3wXa6PEpVaIh8JaLhSzJD7Bkie2Tke46%2BKcxRSkRgEPKvbU61NJMrLDNxKGWyho%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c980fe705dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:54 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1486
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTtgA3eDGcN6k8ucxS2V8M%2BlPp%2BkTkMkGqduYP963CuDtZxyW3CBccpbqzIZcr5H6pvZfUUaXz0fGSxl7Q5M6x4nNbqWntznyQMYXAEB62oBm1rOw4SFAMKOvx%2BekFSVjZl3WQyg2P739OE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c994a7105dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1486
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A57kdRmmkWinxEek5hadQyMn5xTFz6XJovcMNcis45IR86l5qIOK8YnA6b0KuULww6ph4Hytc8CCjAu3jx4MfOg4WMOMcb9arseVOofGxmLrRraAA7cYM309AJ8ND5XQxi2RUM%2BiAqlorOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c994a7205dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:55 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1486
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inadnR8Z6wKDschRH7YJjXubBstdCWQ7HTTQMElwT1bPDpg6qnoKij4wzJt0doEmJcI2yCT%2BESSdbMQY6MWNFlKOXYd8CenPcN%2BdLuDKBnvBu3C7HzwabwFERSEyumxgZ0mn3ZlX4GePElg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c998acd05dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1486
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cK2onX81DqJbVE5oURmRFJAM%2BFTqZS07UC0ZZMZWWpqtAhmw4mWL47%2BjNmW2MrbuNiXbGdBXHVNaTILKx%2B3hsT8WouYABdO9bx3f6ZMCW1XKQPfUwAQTNcvw12ihU22m7zhqEM3Hjra6%2Bp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c998ad005dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlUx%2BUezRDZivom4cqHXaMle7zUHQiO6GSF5cGY5YDPDcF2UZJZiJcAyUDS3qQ%2BNFLXBSoafMUA5unGwpk4hoRXGjF63p2fZ0BPd48wRlX9vigcc0E2CpjbMPkDpBP0oKP7dbph2BonUV2w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c996a9805dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:55 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1486
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F60ZyvEwinLPuxaCjVnTr01p119IVs3SjgP8VI%2BMipuPwxVuUAhFNwvqLMlrvxrwTyvxnElh8JgYTAWRGiRxJbCnsGIGfpgX3bTqRDvd7Bc4F%2FtoBnvAKme%2FQcYMG7%2BF97HRweL5JBOCPKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c997aac05dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2660
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VNgl8kyr6VKgwf3u%2BUgIjQTR92rYMiy5mO5wnuF3INYfiU9bMSPhl2OLINNlevooefpRknxCYTLi5AxdeODA63WEVpSLd7zqjFDfi%2FV698dtrbGZbBqL4vXx5%2FEMhlzyVNhdkhx9teAnNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c997aba05dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:55 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:55 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:55 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
185
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsT%2BR9MrhHw4lf7nGT%2FEFLXtVvg9i%2BAAa7bP3EcP8RhURIMVaD6hanNQaRx0x0CuiSzn0EeZqGlQKgG4zSPx%2FHo7d%2BFOLFoK7t5UKyUFCl03DzXtyUmrmKSQdTqJ%2FWGqoWXRe0jSqw4WWyLu%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c998a214e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2bbed3a1df3444a8be2a1dffe7ebe23b2561d6bb2a9ae30c765679b542ab661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:55 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8923291147836263
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
8d69907759dd859bbef65ad307912ce0213cd674b07a3a20d5826acfea05dc25

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:55 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:55 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
da5c381aa8c72ee95024db25f3f54c5abfa61a9230cfe7716ff5e19b549a243c

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:55 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8e727458058d2c1195197b4b8a8657f697791a8609b1d517314dd7566cb1011f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:55 GMT
Server
nginx/1.19.10
Etag
c8402bab-a59b-4d80-b062-00c7e1173e66
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:55 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:55 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:55 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:55 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:55 GMT
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8923291147836263
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.5854415044927126
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2199
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFt%2B3MdvpfpJuoN8LQUtiJ%2BHs2bOsWFn0%2FhamQWcG2rAXojN0mm3GB4Vxe5VLwWhwLEWQbEHeyu%2Fv0V7gtKIa8xLj3WcVEiR3elJEpPgXt66EAPN3SPtevjxEaWtz73mEqPzTkop5D6cxdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c9a2c1a05dc-FRA
locate
tgfunnls.org/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ%3D%3D; c=eyJpdiI6IjB4WHZNZ1NXaEZQdU1uenJvejE3Unc9PSIsInZhbHVlIjoiV2dBbGNHSURtWGJ1S2NDOGlVc05jRjc5aVMxRUxSNmo4b2tJMUNcL3h1dE41QUVMRjBQaDA1alwvWGRyV21MXC9CSiIsIm1hYyI6ImViODRlZjhlMzU5ZmJkZjk4N2M4MTlmZjIyM2YzNDNmM2UxMDgxYzMyZDgwZTJiMWFkNzIxOTIzOGIwYjY2Y2MifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6InhGdHYyN29XdDB2NitQdmxtZkRKQ0E9PSIsInZhbHVlIjoicjRRYmVNcW1XUE0rVkZlSHplOXhKcEU2eFo2NHllVU5wM05FaXphQmdQV285K1dQVGJ3NnpEbis3YTBrcjcxRiIsIm1hYyI6IjNlZTU1YWJkMzA1MDMxZjQwZjQ5YjhjNjBjNWQzOGI5NzQyYmU0ZDZhZDA1Y2MzZmVlNmM5ZWJlNGI1N2M2ZWMifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxd9Txwdbqek8uwTJY7ljgtFPdjPJR24Lv3i6pWn9nco66DMsdBgxpMwP6xxnhyrJ9hQ2AmT56P99rF7JMegS16sgGbGBBJndno%2BcJ6t4%2BAZa6dbMM7RoOLfnVaTjpgmYvnuQjuw5jrwkDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ik5BMGZcLzdUelg3QjJrRXlkS0pnXC9MQT09IiwidmFsdWUiOiJpNFZ5U1NGVE9Ca1Z6SEZBZXpjOGIxSXRxdllTT1NocnY2bDFQVkI4em1UcjFcL0VLbzZZTzludzFzSnArUWh0SyIsIm1hYyI6IjdiYzAxZDM2NGUzZjYzNzVmYTMzYTk5ZjdiMDgxZTJhMzdmM2FjMmRiOTE3OGVhZGMzMGM2NWFiYWYzOTdjZWYifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:55 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ik8wZjNVdVwvYXk5UUlLZHhteVQwYmRRPT0iLCJ2YWx1ZSI6InpRNHJkXC9JUG5hNzY3aWNYWDVwSzJOckJ3Q1lHczB0V2xBS3lKblZJbFZUMUc0bkFQcWdQSzNXdzdHN0NVNVY4IiwibWFjIjoiYjlkYjY0MDMwZDNmN2Y5YjQ4OGFkZDUwNTgzYjI3YzA0MzEzZmFiNjU1NzE2MDQ5MWQ0Y2E5YTQ3OWFjMTEzNSJ9; expires=Thu, 05-Aug-2021 18:32:55 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c9a4c8105dc-FRA
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c52f07c64331e4ba4ced4ae100a81c7ffa8fc6b87e5aa03178cdbea531bc6d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3381
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
33
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
S3ghgaQ_zqU1YDF6dgXCYs01N8q0ksvJvQZdwwY5VicKJ9E5oGGTuQ==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:55 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:55 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:55 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:55 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
53c03e91-615d-476a-b52e-580bfb105e2c
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/53c03e91-615d-476a-b52e-580bfb105e2c
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6Ik5BMGZcLzdUelg3QjJrRXlkS0pnXC9MQT09IiwidmFsdWUiOiJpNFZ5U1NGVE9Ca1Z6SEZBZXpjOGIxSXRxdllTT1NocnY2bDFQVkI4em1UcjFcL0VLbzZZTzludzFzSnArUWh0SyIsIm1hYyI6IjdiYzAxZDM2NGUzZjYzNzVmYTMzYTk5ZjdiMDgxZTJhMzdmM2FjMmRiOTE3OGVhZGMzMGM2NWFiYWYzOTdjZWYifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181174.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik5BMGZcLzdUelg3QjJrRXlkS0pnXC9MQT09IiwidmFsdWUiOiJpNFZ5U1NGVE9Ca1Z6SEZBZXpjOGIxSXRxdllTT1NocnY2bDFQVkI4em1UcjFcL0VLbzZZTzludzFzSnArUWh0SyIsIm1hYyI6IjdiYzAxZDM2NGUzZjYzNzVmYTMzYTk5ZjdiMDgxZTJhMzdmM2FjMmRiOTE3OGVhZGMzMGM2NWFiYWYzOTdjZWYifQ%3D%3D; c=eyJpdiI6Ik8wZjNVdVwvYXk5UUlLZHhteVQwYmRRPT0iLCJ2YWx1ZSI6InpRNHJkXC9JUG5hNzY3aWNYWDVwSzJOckJ3Q1lHczB0V2xBS3lKblZJbFZUMUc0bkFQcWdQSzNXdzdHN0NVNVY4IiwibWFjIjoiYjlkYjY0MDMwZDNmN2Y5YjQ4OGFkZDUwNTgzYjI3YzA0MzEzZmFiNjU1NzE2MDQ5MWQ0Y2E5YTQ3OWFjMTEzNSJ9
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Ik5BMGZcLzdUelg3QjJrRXlkS0pnXC9MQT09IiwidmFsdWUiOiJpNFZ5U1NGVE9Ca1Z6SEZBZXpjOGIxSXRxdllTT1NocnY2bDFQVkI4em1UcjFcL0VLbzZZTzludzFzSnArUWh0SyIsIm1hYyI6IjdiYzAxZDM2NGUzZjYzNzVmYTMzYTk5ZjdiMDgxZTJhMzdmM2FjMmRiOTE3OGVhZGMzMGM2NWFiYWYzOTdjZWYifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dac527WF5Ym88U5eo%2FlrH%2FA5rpnIwJQkApbe05QGT67jUUwjo8L6O7UedebNti%2F7hM%2BCt6NHP9FVPQeLXAxt3jvx298M8vL4LH2QgMG8CENQZRPNmcdJuuhyj9ZO2OGXOHkdmb5VwqzEA%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkJUQzhxY0JLV0c0cEpUTG1MZW1RVGc9PSIsInZhbHVlIjoiK2s3dlFxMUUrczNMYkNqTDI4ODVlSG5cL2gyY0dqSWlaWXMwd1I2OU9PUHozODVEc3c2ZXZUb3hJblMxUVNTdlMiLCJtYWMiOiIyOTBhOWFhY2FmMDhlMDZkMDIyYmUzNjg3YmViY2UyYzgzZWJmMzZiNDhjMzE3NzNlMjRjZDllNDdmMTVmOTZjIn0%3D; expires=Thu, 05-Aug-2021 18:32:55 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkZkXC9NRTB6dzRPZDh5Q1RvWGJqU0d3PT0iLCJ2YWx1ZSI6ImVyNk5BQlp3SnNDb2VUOXhHdUJIcjNoN0tPaGtzMUdZZ2VtV1lPOTc1NGxIOEZCS1Fta1ZtTDlHWHErUU91YXUiLCJtYWMiOiI1ODE4YjQ2MDkxMzk5ZjQ1NmFjOTEwMWRlYzAzODYwZDViNTM5MzliNzZhOTcwYzljNmE2MDI2ZWE1OWI0MzU0In0%3D; expires=Thu, 05-Aug-2021 18:32:55 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c9aed9805dc-FRA
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.5349066265619682&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.42886162267445194
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1479278165&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=592290523
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66275
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8090
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
po2vwFM8xpDgLH-q5VNZcXvB8X_tqVF9QUnQWAjsWV9PV77pXbZNEw==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:54 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 3819 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
6UFn0fUaiOlnvsAeMp-0A98MGHSZQ6uwpkn5gP8-T_3jvuQVBppvLA==
age
1613785
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:55 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=3801088-

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 3801088-124690623/124690624
Content-Length
120889536
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:55 GMT
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:55 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:55 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:55 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2871f473e065e70c47fb2846b52439ab82217c9ab4629a1da687f09ea575154c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkJUQzhxY0JLV0c0cEpUTG1MZW1RVGc9PSIsInZhbHVlIjoiK2s3dlFxMUUrczNMYkNqTDI4ODVlSG5cL2gyY0dqSWlaWXMwd1I2OU9PUHozODVEc3c2ZXZUb3hJblMxUVNTdlMiLCJtYWMiOiIyOTBhOWFhY2FmMDhlMDZkMDIyYmUzNjg3YmViY2UyYzgzZWJmMzZiNDhjMzE3NzNlMjRjZDllNDdmMTVmOTZjIn0%3D; c=eyJpdiI6IkZkXC9NRTB6dzRPZDh5Q1RvWGJqU0d3PT0iLCJ2YWx1ZSI6ImVyNk5BQlp3SnNDb2VUOXhHdUJIcjNoN0tPaGtzMUdZZ2VtV1lPOTc1NGxIOEZCS1Fta1ZtTDlHWHErUU91YXUiLCJtYWMiOiI1ODE4YjQ2MDkxMzk5ZjQ1NmFjOTEwMWRlYzAzODYwZDViNTM5MzliNzZhOTcwYzljNmE2MDI2ZWE1OWI0MzU0In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIY1so%2BBSJY7WIHEwcfSlIb0V0adZh1cyjDLsMG6Xogl8X1rvopCx3gzbmxCD%2FBKUQ9H51L6NBqgydLQcapwuS1yywkHoMPSy7FaxtH3O4nZEFTrxHsmtb8BNZccO7GWT8EW2JhXSkwaGm8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16c9d3b0305dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1487
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6DYDnMQF4xqzXaVLLx4gOCCUxjsSeO932E96IxLkTGhxfa9TR1zqxTOIOyKlINNjtfBXv%2BfsrOKHfZD88cS%2FnMnRfjY3eVEa4jET4oCiQQwvRY9TJ6f%2ByC%2FRDwsq2A8pK14xM9lg4yltbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c9e8dc705dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
759 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1487
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFoXSWbCdoJUVnyxohtH97U8DUnD5dFuOEuid53wEssnLMEyeAiNly%2BGLHHInxXzEzkxZaoi3letoM1rEz1KoPzFM6vCwAIxMzdbCh2CZaZqN4IYKkCv20RNhpaqlLg64RgIkOuQLFxTmLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16c9e8dca05dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:56 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1487
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0M1S8MlVSIIGJJ5iZLJiw4F5psJjJoi8xlZV63n%2Bk9qwGyMXG47g9TjUpe0PwKMbsHz8k4th0z3IUbznjRi0Rxwctw47jtPBcicX6a0x%2B%2F4h%2FQ7aW3hJgJdPo%2FplQlHgDRPISwvOB%2BuL5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c9ebe2105dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1487
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i50bBq0SU%2FUJzwZeGju9IJjOfDG0LDSQXael83FCfYXKSOEuR2yjUYnF%2FbCRNGZNTxi4fwjczFycZmaiSPdRGgDnQbCR8yutdGTK3LACIeUJC3%2BGETiNW6LAXN23STyj3O9s5IvX1azRsMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16c9ebe2c05dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xVMCKDDeZSNfnsp68kt6SF2i0qV%2BgTqEmL3ZqFVE%2By5GkZDgXu2JBRmBCW6FthHa22Spq2V6xrGNSX%2FxOiMmFlldrqmH1w%2FO8SzC4KRMdMtiWBDXkfkdmoqX1LJemwbSZwNz5jrVB6OyFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c9e9df405dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:56 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1487
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZigXm5Nm9MdHJ9TS1jGg7zUYIREvlz3pksu%2FjpfzNdL1MkwaZbd%2FgYCED451TwoHDLf726JDhNWL2j6KqtnwmINfY6QkYkMkff2GoScxCtERZOfbNY9usFNOklEnBP1sPXUJBXG70CnwxlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c9eae1105dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2661
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPXsrVX6VS9LqDuuA9J5xuyEUPmreNBFBwDSzat%2Bql7pw9oJf5w5ZTFbCbbeuJjxYGjmy20k3wuqh%2BfjFqhRekTk6kMJHlxsUDtUt5okQPOyVaekgGXH0m14Q1nPeXLlOD2mpuscQXVAh4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16c9ebe1d05dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:56 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:56 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:56 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
186
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fi6F2uzYe4TEldoMrIB3JJR0i%2FY%2FkrBFm5wU4%2BgsqHXlrWYaepiTcboIolSvYgu4yW%2BSEy%2B0UriP7V7tqKNj6VG%2BT7g1Gezoi7qcj44fZiTVmqDavMYHS0UXBJmumRWkWRFJRl40kWw7Q2241w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16c9ecd464e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:56 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.22432028127674597
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b8f60a107f90c6d0641c8e2926b61914b66d783aeb297c660b60dc47be50c430

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:56 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:56 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:56 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
143cfc4551d451c96f865f9981b81776fc7331d9123a098c39c833ae232e474e

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:56 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1e9670293cc4d30ea9917a1e4cbe11432dd393127be940a803b487d87f1ae26a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:56 GMT
Server
nginx/1.19.10
Etag
04079eda-cf58-47ba-aa50-bd666ac68aee
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:56 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:56 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:56 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:56 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:56 GMT
locate
tgfunnls.org/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3HcEZhnKXcLcEtWzEGuM5jQuTKbMyIgSpYroGodMXLg0t9Aci%2FVvzbe6hXEEAsC1jnCbs05d8pc8Q%2FITISP43BP5BcXFaPOqsV6aulgzRZSLoUt%2Bo9EhYI2ZytyU5jlVI6CMyOXEKm4%2Fo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IklmNk9wekxQclFyUVhoMDVzUHZYSFE9PSIsInZhbHVlIjoic1NheDVJclFscEFnUFwvVVI0bzJWVllRMDVQUlI3WTZ5Y2MyV3BiMWkyTUJkMzRKNk9TeXNaRk5Hdm5jXC9YeGhBIiwibWFjIjoiMWU3NmRlNTA5NjI0NjI0NGJkNDA2YzA4YWQ5NjY3NGEwOGQ1YzFhNGMxMmEzMzRiMGU0NjQ2ZjA1ZWNlNTc0YSJ9; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/ c=eyJpdiI6IndQbWE0ZGJsYWp4K1RlVTNcL2o0SXZnPT0iLCJ2YWx1ZSI6InV1SCttVEdyWXZtQ2lqN0tBVlBNeVNjV0ZqTEpDWHZRZkVoZGw5Zjg2K2x4SkFkWjFIRllEU21kdVIyck9WZU4iLCJtYWMiOiI2ZDAxZmYyYmFlNWJlYzNkMjc5NjYwMjVkYzBkZTY5MGEzMzJmYjgzMjhhZDI0NDk0YWY0NzQwYzM5NzlmY2I1In0%3D; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16c9f8fd405dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjlEalRVOE8xVjNycHNaNEZoemRNNnc9PSIsInZhbHVlIjoiSWJ0TThqTUpcLzN1N2g1SDlBd1VVYURpQktvb2d6aTk5OUhYVTlYXC9FVCtvMVpjQ3BzQnN4VEdrd0hnWDRuXC9wOSIsIm1hYyI6ImM1MjQzMjhmY2RjOWQxNTE4MTFhOWM0MjAyYmMyYjllZDcwNGM5MmU0NzJiNmI1N2ZlMWNlNjNiNDdhNTRmMTMifQ%3D%3D; c=eyJpdiI6Ik5rdkplOWkzVThLM21xZVRoMkR6MlE9PSIsInZhbHVlIjoiSnloVEU0MHFxT1pZWkhFeXd4UjEyOFowdm5RM2tTSnBMbUVDOFpQbTExNE1NNjlJdklXOUF4MDBGaUNMU25SZiIsIm1hYyI6Ijg2Zjk4MmU2MzJmMmNjZGUzZDI2ODQ3NTcxODMwNTJmY2YzNzE4NTE2Nzk1MWNlY2QxODhhZWE4OGI3ZGMyYmIifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXAzkRWqzuYaUvVn5cfoMsQXQFsGkjiVZE6KPkohF7yQyjHTelTwfqo5IEdQNDMImtbIkV%2Brz2SFSbznIn7Tyf1c3rDHSqLx8Mw2uZ3e3%2BBRD0W1mRzlei0SVlSd99HKS8xRI5tRpHLYXXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16c9f8fda05dc-FRA
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:56 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.22432028127674597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.8420546621391654
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:56 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
1c121702-0b32-46ea-bf55-b9113ce0e9dc
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/1c121702-0b32-46ea-bf55-b9113ce0e9dc
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51134
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:56 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3382
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
34
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
D0D3AxFoo_tmF0BXJtsAVQkuBlhnS5z2ijGb_oioww4jIRZqMgw6JA==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:56 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IklmNk9wekxQclFyUVhoMDVzUHZYSFE9PSIsInZhbHVlIjoic1NheDVJclFscEFnUFwvVVI0bzJWVllRMDVQUlI3WTZ5Y2MyV3BiMWkyTUJkMzRKNk9TeXNaRk5Hdm5jXC9YeGhBIiwibWFjIjoiMWU3NmRlNTA5NjI0NjI0NGJkNDA2YzA4YWQ5NjY3NGEwOGQ1YzFhNGMxMmEzMzRiMGU0NjQ2ZjA1ZWNlNTc0YSJ9
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181175.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IklmNk9wekxQclFyUVhoMDVzUHZYSFE9PSIsInZhbHVlIjoic1NheDVJclFscEFnUFwvVVI0bzJWVllRMDVQUlI3WTZ5Y2MyV3BiMWkyTUJkMzRKNk9TeXNaRk5Hdm5jXC9YeGhBIiwibWFjIjoiMWU3NmRlNTA5NjI0NjI0NGJkNDA2YzA4YWQ5NjY3NGEwOGQ1YzFhNGMxMmEzMzRiMGU0NjQ2ZjA1ZWNlNTc0YSJ9; c=eyJpdiI6IndQbWE0ZGJsYWp4K1RlVTNcL2o0SXZnPT0iLCJ2YWx1ZSI6InV1SCttVEdyWXZtQ2lqN0tBVlBNeVNjV0ZqTEpDWHZRZkVoZGw5Zjg2K2x4SkFkWjFIRllEU21kdVIyck9WZU4iLCJtYWMiOiI2ZDAxZmYyYmFlNWJlYzNkMjc5NjYwMjVkYzBkZTY5MGEzMzJmYjgzMjhhZDI0NDk0YWY0NzQwYzM5NzlmY2I1In0%3D
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IklmNk9wekxQclFyUVhoMDVzUHZYSFE9PSIsInZhbHVlIjoic1NheDVJclFscEFnUFwvVVI0bzJWVllRMDVQUlI3WTZ5Y2MyV3BiMWkyTUJkMzRKNk9TeXNaRk5Hdm5jXC9YeGhBIiwibWFjIjoiMWU3NmRlNTA5NjI0NjI0NGJkNDA2YzA4YWQ5NjY3NGEwOGQ1YzFhNGMxMmEzMzRiMGU0NjQ2ZjA1ZWNlNTc0YSJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57M05THj%2BCWxMB%2Fz%2BoNujxGwep%2F3HAdhupKQICXLn4tQ0Sx5HnsLeoszwaxmnn%2BGEwUzIzMP4kgWNJimvkrt6JZMEUNu0ogX8AnachDYND7TwyR5PqSCgs5oplcwSDjpm6RIVurYo3%2FcfM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkQ2YWh5djY4SlI2V09DUmptVVNVcWc9PSIsInZhbHVlIjoiMnFUcWEyMnZSVWtlYUdOT1ZnWDIwYm9ncjRRMHJvbzJJUGJheEd4N2NSQXZUbjJCejYxbmZMMnZWMTdCUHZyVSIsIm1hYyI6IjExMTU5MjZmNGQwZDJiYTgzNTg5YjllZGI3NzA3YTMxNjNkYWJjMGQ5MTg0OTI4ZDMxOGQ3ZTZhZTk3NGUzNTkifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjIydlNvRXZtYWtHUjRBc2VxdjNwZlE9PSIsInZhbHVlIjoiU01aQXYxYmxIZFNKZHZGdTkwemR5eWJhVk9YbkRISzdudFd6b1l1TEhVclVLS1FqcDlreVwvdUJiU040R0J4RDAiLCJtYWMiOiIzNGQ2Njk5ZTRjYTg3NWYzN2VmZDU3MzQzNzc1ZjUyYTkzNjNiNzYxMGM3OWM0ODlkMDA2MTFjOWQyNGIwYjllIn0%3D; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16ca0494805dc-FRA
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.7697842366759875&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=765791219&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=555965039
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66276
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
UhSyvNFX62J6sz2vecmq4lKWA9w4F4xgK9sVkiMruwFLjmH6Ty1sWg==
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.4417592098298029
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:55 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:56 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 6E79 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
HNXY3jnbY_HzdPbLegkhTPsvP6bjOCC8agX-444GOr4DN9oJsyqiAw==
age
1613786
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:56 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b71910b9b6e5814fb2b7f56bd3ea2f37d760c611d34c0501f479c0f826a63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkQ2YWh5djY4SlI2V09DUmptVVNVcWc9PSIsInZhbHVlIjoiMnFUcWEyMnZSVWtlYUdOT1ZnWDIwYm9ncjRRMHJvbzJJUGJheEd4N2NSQXZUbjJCejYxbmZMMnZWMTdCUHZyVSIsIm1hYyI6IjExMTU5MjZmNGQwZDJiYTgzNTg5YjllZGI3NzA3YTMxNjNkYWJjMGQ5MTg0OTI4ZDMxOGQ3ZTZhZTk3NGUzNTkifQ%3D%3D; c=eyJpdiI6IjIydlNvRXZtYWtHUjRBc2VxdjNwZlE9PSIsInZhbHVlIjoiU01aQXYxYmxIZFNKZHZGdTkwemR5eWJhVk9YbkRISzdudFd6b1l1TEhVclVLS1FqcDlreVwvdUJiU040R0J4RDAiLCJtYWMiOiIzNGQ2Njk5ZTRjYTg3NWYzN2VmZDU3MzQzNzc1ZjUyYTkzNjNiNzYxMGM3OWM0ODlkMDA2MTFjOWQyNGIwYjllIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D; expires=Thu, 05-Aug-2021 18:32:56 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKKl4yAc0MLMuKdV%2BDNcytkPOTVzTuycBJtocy75PHqNTQkDiCEqYdwBzkdlHMihWJeT9HzvqEzCTkL2DImaq0bsEE1w%2F2zAkpp1yhuvO8TP%2FR5rP8THaPrDELJcQTXwmH3KiMe%2BFhELDco%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16ca2b80e05dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1487
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uN2pbU8%2BCvJlzaP0tAQwpYccfIxo1bNWgjc43IGKe7Fk6g%2BJ1z4J4EtxinOfJaZr5T0JqHrtEpARhO8gJuNgWUi3frXG215r0plmfZejhxlQxgYlgIQEzF4dSgx0JfvJUR1%2FzPshOOSJVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16ca42b6a05dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1487
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2VEIXK7xfq8mXnSG1D1EswOZeBXhCQNbL9LbqUlBfHPL5cO%2BEXn7bJKo2yRwvd2WnezRfXFjerZBcQQmBqAn3H3S40pURGgG8%2FFd02AQ2sxoFl8VR%2B9sRtWoPBm2yE48%2FTqG29DyPjCDQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16ca42b7205dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:56 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rnb8%2B3Wa5kw5c2W7uC%2FJNnVQlH%2BeKupca9LSBRG%2FRVLKMKglXLYHrN0A%2BBkHDhqn31uyTG059%2BG4qEl2TpV0IYcbdImRnCrGxw%2BXH7LqIPV9v997ReOEr3YLTXrCd1dx7WayDBnHI%2FSXu%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16ca46bf105dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2%2Fn5Ej0AZfwmVHD9syyecS5gbrtk2SZ9RLisiqbt6HepozjGlz13P12Hebabxvl%2Byw7En6Y7UgfPhphC2XZj%2FG5eJQI4g7TRTgLC92lAIqw60lroRj%2BeI8AUz2XOjhEaYB36zh6Rv3e2gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16ca46bf205dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvktpF%2F8Yz7FIlbHT3312soW3hm15HOBGC9Swhx7xkDS3uH41L2VdqJquMA0lF5kcpBCzcTpIzG%2BTbxhAOODs%2Bx5px7LeNNx%2FadlC5PpfbGwAyzw41QyoEVvCn%2F9R989zQwU4rT3xZjAx0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16ca44bbf05dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:57 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLdUpSaSq7opbgFQ4zk%2FekZh%2FjP6LllK5%2BpvPPx6xVg31eey1FP2etsLWI%2F%2FRPhuiaUqQwaqlQidyBZbvUHxUdx557nc6XUU4BiAT%2Fwlkp6CSt65LCAj6CL%2FZJio4qqpMu4g9f853Db0CmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16ca45bd505dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2662
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJz9XVFv3FeFlHimNP81XmOH6eRPAhcyjoOvuclZVTPmLYMHVjyPlmJCIU0%2FU2AJp%2BaT0p0SbD3qH%2F81qk%2FMlZFympyZvg9v2KDQJIzPr0A8ndJSoUUd9K9%2FNuvYGuAbX36ZwVnSpXP04iA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16ca46beb05dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:57 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:57 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:57 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
187
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2jNuEKUVhG6wo3TZ6ka3DzqbTt1ESI7wgBS730jSpMXDtZvu5539ohBp2xN8nQx4Xww7bwzgoVXOl7D%2Bd2EROP3voZvObuI69KMOauQIOLd%2BOB0ZnTjDTPA%2F4UQim%2BNw2Qh1VQhFVEA%2BaEEXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16ca469ef4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:57 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.4757910732126318
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
e85d4db1769e0c538d5b3d07ab40d6fc1b3da5885eac205225ce466276791f26

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:57 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:57 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
94fbc851b11a53e0c5d9f8dd9567a2745061863a53dbbed54274006dee97f4c8

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f9398024e4fd49851a4ff32f6341c0901c68545b62d40b0389aaa1dd9d07dd1e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Server
nginx/1.19.10
Etag
ddcded6c-d24d-4600-ade6-336bc53e3be3
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87aa8c6bb2611182a941d72bb0274339901da728624efd0ba60ee3d91c2f0a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51202
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3383
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
35
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
NriIM1xVkIGT6nzruDLczzIejgppVGmy5kxRy5XafeQxndmZ-9Zorw==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBwIfaUREgfsWtdZoI%2FBBVzZGPLo0VkVAGg9nGtmP386mr4hoOcdBVb2TMlqGg8Aa2uowAEGpcTK48NhcIZgipPWDFWkJ%2FFJ0HaS2p4x2rJTCiRHRXM21Uc00Xlp74GUU%2B6%2BueBC8dDyAHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IktVQlgwdFBsK3ZucExOUUl0VlFkR1E9PSIsInZhbHVlIjoib2lPUmErdXRjcThGd24rTEJ1QmhjQ2F3TUVsMStVbzM1eW1yTjUzTHNTWEd3QlVtb2hPS0x4eWhDREZtcXhKdSIsIm1hYyI6ImYzZDFmZWViNDFiYzRiZWM2OGFkMTkyMGRmMjU1ZTViM2Q3NTdjMjI2YmI5YjZmYTcxY2E4OGI1MTEwZmNkM2IifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:57 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlZ2RnVZb0hvdnpkNEhpRG0zWGN5bHc9PSIsInZhbHVlIjoiSnhJSThSU2oxcmU0SU4ySjFPOGhYbVN1U09nVzZod0NnWEFzdjFzcmFyOXNUSTNGQ2N3OEp2eVdKcWVqMWttaCIsIm1hYyI6ImVmN2IwNDc3NzdkYjgwYmJkNTRhYWRjYWMxZDUyN2Q1NzQwMjliYzBmYmExOWVlNDA5MDBkMzhjZjk3Y2YxZTkifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:57 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16ca52e4b05dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181176.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Ik94NmtzdVVoRXZRYUFsR3ZBNW5rdEE9PSIsInZhbHVlIjoiT1R1MHA2U0JaVGpnTTFcL0JuVG5WRTBwMWhpeEhkWGpGdlZWVnl6Y0Fxd2dtVG1MSVNcLzBqbkY1b2VlSFpINDBaIiwibWFjIjoiZTdkNmQzYjM4MDFjZmIyNWY1MjI4NGZhNTAyODIyZDE2OGZhZTAwNGZkMzIzZjdlNWJkZmM4NmIzNjgwNDVmMiJ9; c=eyJpdiI6IkR4VGxJXC9HT3VRNTFmakZDeWFBNk53PT0iLCJ2YWx1ZSI6ImJBY3JMS0JzNHJ2TXV0UjQydnZ3VjhybGhXOUdTTW9OWXNmV3BwYTNHelJLUDdNU0cxM0xEZVh1MlZKVHB5SXAiLCJtYWMiOiJmN2ZjMzY4NmE2OTE5NDhhYTBlMjVhMmZjNWMwMjZjYmU3NDUzYWQ1NTcwODdjNjgwMTBlMDVjMWJmM2E4NjgxIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2201
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2QQ5hVMculJNtDiAxvWBGR53qyPV09ObI41zdQ4MOgbcyA%2F3Kb6Epi5Fm%2FZ5mKw7v6sg%2Bqmtl%2Bni7UTU44DJqH5VYysCjKBCsiNssDa0EY7zl%2BrJLYXX%2BPILKb%2F%2F%2Fs5K5E2ucAV3cELP2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16ca52e4e05dc-FRA
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.4757910732126318
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.6690709616871122
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:57 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
ba626a0a-3391-4f2a-b97e-6b7b3dd98172
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/ba626a0a-3391-4f2a-b97e-6b7b3dd98172
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:57 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1200485139&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=276292851
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66277
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8092
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
g3t2WvKyoa_4BT7Xw1Z1dR-ZbrjrUsTMlJOZFNpsBE2YeNMRpXMBJQ==
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IktVQlgwdFBsK3ZucExOUUl0VlFkR1E9PSIsInZhbHVlIjoib2lPUmErdXRjcThGd24rTEJ1QmhjQ2F3TUVsMStVbzM1eW1yTjUzTHNTWEd3QlVtb2hPS0x4eWhDREZtcXhKdSIsIm1hYyI6ImYzZDFmZWViNDFiYzRiZWM2OGFkMTkyMGRmMjU1ZTViM2Q3NTdjMjI2YmI5YjZmYTcxY2E4OGI1MTEwZmNkM2IifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IktVQlgwdFBsK3ZucExOUUl0VlFkR1E9PSIsInZhbHVlIjoib2lPUmErdXRjcThGd24rTEJ1QmhjQ2F3TUVsMStVbzM1eW1yTjUzTHNTWEd3QlVtb2hPS0x4eWhDREZtcXhKdSIsIm1hYyI6ImYzZDFmZWViNDFiYzRiZWM2OGFkMTkyMGRmMjU1ZTViM2Q3NTdjMjI2YmI5YjZmYTcxY2E4OGI1MTEwZmNkM2IifQ%3D%3D; c=eyJpdiI6IlZ2RnVZb0hvdnpkNEhpRG0zWGN5bHc9PSIsInZhbHVlIjoiSnhJSThSU2oxcmU0SU4ySjFPOGhYbVN1U09nVzZod0NnWEFzdjFzcmFyOXNUSTNGQ2N3OEp2eVdKcWVqMWttaCIsIm1hYyI6ImVmN2IwNDc3NzdkYjgwYmJkNTRhYWRjYWMxZDUyN2Q1NzQwMjliYzBmYmExOWVlNDA5MDBkMzhjZjk3Y2YxZTkifQ%3D%3D; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IktVQlgwdFBsK3ZucExOUUl0VlFkR1E9PSIsInZhbHVlIjoib2lPUmErdXRjcThGd24rTEJ1QmhjQ2F3TUVsMStVbzM1eW1yTjUzTHNTWEd3QlVtb2hPS0x4eWhDREZtcXhKdSIsIm1hYyI6ImYzZDFmZWViNDFiYzRiZWM2OGFkMTkyMGRmMjU1ZTViM2Q3NTdjMjI2YmI5YjZmYTcxY2E4OGI1MTEwZmNkM2IifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jx8fNIvQPDhtREASVCrM6Iqok21JMIYbs2zTsm0rBO7EE%2FvaNlejIYoQ9BkX%2FkbM5QoLrmbFfH%2F97%2Frl%2BstAvslKs7GbxEh9tCD5zjXbzwYsEtvH903hPOfVEuL8sNbxzmk9myCB2v98dIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjRWTkVPK2xpbHQwY1FYdDA1N2RESVE9PSIsInZhbHVlIjoiNTkwNTI1NU14a1l6ZFI0alI0TzZEb3R2ZjBtOFJKTHNKZldtdnlVcW5SQTE0VXR6YlJ4SERPck5iOWlUQkhYcCIsIm1hYyI6IjU5N2E3MjIyODE0ZmNlY2U1MzAzYjZjNmUyMTYxNmY4ZGNiNzc2NmE5MTk2MjdkNTYxNTA0OWJmZjk4MmNhM2MifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:57 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImZLQitqUUpmeDRNUlpVcHcxWnM4NkE9PSIsInZhbHVlIjoic2pYN0dcL3ZWTVNXZmZKSExoMCs2NGFYV3N2SlFOY3ZWVHRoQVBqNFRob04rNkNvVXU4Tkpma1huVGoxN1g2RG0iLCJtYWMiOiJjZDIzYzlkMmI4NjRkZjczZGZmZWFmNjQ3MGRmMzViMTg1NTc4NTE2MDQ3M2E3OGY2NmVhODlmZWRmNTgzNzI1In0%3D; expires=Thu, 05-Aug-2021 18:32:57 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16ca5f81405dc-FRA
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.6899416176831341&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.6508083575377086
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 915B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
aB_QEUEbaKx0irqzPa5BQQ4-Ie2wKF5Mot7x5s-Os42GcyvSS7o-Ng==
age
1613787
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:56 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:57 GMT
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:57 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383a38eb3521213ce7fd1c6e601fe90e89a3d294c10fda4d89057757be653956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IjRWTkVPK2xpbHQwY1FYdDA1N2RESVE9PSIsInZhbHVlIjoiNTkwNTI1NU14a1l6ZFI0alI0TzZEb3R2ZjBtOFJKTHNKZldtdnlVcW5SQTE0VXR6YlJ4SERPck5iOWlUQkhYcCIsIm1hYyI6IjU5N2E3MjIyODE0ZmNlY2U1MzAzYjZjNmUyMTYxNmY4ZGNiNzc2NmE5MTk2MjdkNTYxNTA0OWJmZjk4MmNhM2MifQ%3D%3D; c=eyJpdiI6ImZLQitqUUpmeDRNUlpVcHcxWnM4NkE9PSIsInZhbHVlIjoic2pYN0dcL3ZWTVNXZmZKSExoMCs2NGFYV3N2SlFOY3ZWVHRoQVBqNFRob04rNkNvVXU4Tkpma1huVGoxN1g2RG0iLCJtYWMiOiJjZDIzYzlkMmI4NjRkZjczZGZmZWFmNjQ3MGRmMzViMTg1NTc4NTE2MDQ3M2E3OGY2NmVhODlmZWRmNTgzNzI1In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:57 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D; expires=Thu, 05-Aug-2021 18:32:57 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgUPNvV8Aevz0JpZTSGwiv5uvo7fJxhqqWcXcQgqIzeAbp9q4ZdwvzDkDVtfe2TjJL2%2Bo0O6M1iTdwVE%2FvZlw412OkCihKty8ErzXJPf%2FmpGw76E%2BUQ0Te5ZKixC%2BrTSWjvVTmNlVJkXkeg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16ca84d6405dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUDyFSuOtQX1xbkp%2B9EPCt0c1gRZAoUDPxOuial5Ws9%2FIeGVHDAcOQollldIYDdzjNgVH1vDM9Np6px0VcsqG6MUsrppGGGGPwZeoC5bKXeMB4P7uj6P72%2BDh5PrNDVDOjVzHdNpu0x%2FKRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16ca9c83605dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H2uViHCskDTUwgqX5GDvpSmMVeVio0vkIARm0IA7vWvk%2BGV8TjoWTG9F5Ry9bo2oOH%2FQqBfUbqG2gBO8yakFRIhFexB1ZRR1yy6n6nl%2B20bZnFPkiM8DGDA2TRBJ5QmaygUc9tN%2FEI3kmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16ca9c83905dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:57 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIseHs%2BDta4Ah%2BToTtbqNNvuwo32W10LsY4BXZP4SWUr6QBGWqj98wXZTdx1WVuiw8DMQn7pXe3tvuG6F8CHJkVFofOGvG%2FzRLvyyXqza2Eh%2BvXlkAVcsajYni2u99aqsi8FCjBfV2g7aYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16caa08a305dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQnDlX7tb2FCF4gzdgdmuCe2c2tq3m72%2BfwBCaS9Tn18Pqc4%2FybM0xnGsDMQ4YiH5Ge3iEUpL%2F0wOoESPTDK4OWr3%2BQq5G1r9JiUpCc1qOyXHp3y9hTJwS61iJwrM8jfoY0Elwf0L5vNHI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16caa08a705dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctuYspga9nZnnQmyz9R6gKH%2Fz52bzkb4QnERlmd076ev%2B6yHBDpPgK%2FjHvBn21sCD9AmUNqndeDxJ%2FzCVFghV2hU%2BJU%2FuAddFpAAHmP1IQlTFLizPl8UVNsqIpPDRg18MC2xxBFHjzyLXpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16ca9e87005dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:57 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiOBDdgXjteQy7zR5srek5449U5TJe8n4MBdQ9Uotd%2BFUSgCptyiUX7WfdpfVzdzsRt1zuSUSzp3B6A7iU0otvwHKR5UKyyNoSYRdC3ZVptlQZiydZLxemodixGO9NES0WlswB2uPySvDXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16ca9f88b05dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2662
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCoWVONsrqJisNAS3wN22bON%2B%2FB14n3h5ItF8XjFKefvMzq43NnD9sRIpmn%2BvOwd3K9vYn4NADtIUMW93HdugFMoRhQpADrr%2F5Q0MY0BrWCVgUk7EytCJP3NUqxVMBTgiQKjK43YBpfE%2F%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16ca9f89c05dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:57 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:57 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:57 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
187
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsY5k8V1VCeluzKao3rmrvRkd0c51CKFioCjcea1lMehkB2XVGuj73uTWG%2Fk9r%2Bhwa8Ts6YySBMLB0m22Kjl%2BGGgPWtdLhlVJXzhVERPrn4RIAr56K4yS6T5dfDnyajjWAnDx2vL8mHwlyoc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16caa0ef24e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:57 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.3814716337154396
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6c4e8c09c0a3d443b2e459079fca22c162fc2e51ae11e888ee86442bd44c1b35

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:57 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:57 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
11c803ac65f0445f6058cacb6a690f4772cef507be52622f2339def262bac4dd

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
aa0b0242cb6bb745f5021b266ddff12095a9d0e626fc32616151c6f91a83e402
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:57 GMT
Server
nginx/1.19.10
Etag
67b93584-cc6f-4abf-9f11-44d24768ad5f
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:57 GMT
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.3814716337154396
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.6452364031119251
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgAu6WLvGF8DXoFbGcrqD5NsIdxyvWuYerLIFa8XvzOsBZpNSFRfoZ3J6WAR7rJYX6b09L3TTIuIeYoVxYl9xLvo%2FBmIb7IVWW3danN64Zm2dw%2FAOuyMonOVnMHMbGyQlrW5Cfwlx68P8CM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IktpMVhUSXlDckNLK1FKQ3NMbk1MREE9PSIsInZhbHVlIjoiWVg0MXV2eXlDYnpwNEFGeUZaK0dmV1NrU2ZVc1dSd2RoejJzajNuZ3REZlVMUFFKOVFJblFxZWxtd0sxWjJqOSIsIm1hYyI6IjM4M2Q1MDdjOTEzZjQxNDA5YTYzZjU4N2Q2YzdiZTRiNGJkOWY3OGYxMWFiY2ZjZjAyOWIyNDg2NGQxMjdjYTYifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6Im5JOVB3Q090V0RpTmxoc1Q5aURvYWc9PSIsInZhbHVlIjoiOUVZVTZPcnp6QStmaXA4VzVCcThqVUVLZkNrN04xZ0lMNlRTZVNTUUNyYlJxelI5WkV2dElsRkpzZGRQVFdRUCIsIm1hYyI6IjA4NjBkZTZjNGVkNzhhNDFmZTRkM2M0NmIzZjJkZDRmZGQ4NGU4NzU3YjU3YmI1OGJiNDdhYjNmMDBlYzlhZjUifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16caaca3405dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181177.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IlFpcUxFU2VaditxSERRQ3dESk45TWc9PSIsInZhbHVlIjoiM2N3Y2RNNUk5Q01NQmpcL2Zyc2w5UFlXcHl1MVhiOFViMXlTSlROOXErK1hPVDg2bllsTThcL0RCTDBBd1wveWJWKyIsIm1hYyI6ImQ5YjdiNWM4NzNjNTQ1NGZlZGMyOTY3NDFjMDM0MTAyY2Y0MjYxYWM2NDMyOTQ3YmNlNTNmZmM1NzY1ZmYyZDkifQ%3D%3D; c=eyJpdiI6ImVGVzNvczRtWlwvNGNQOTI5YVpRSTVRPT0iLCJ2YWx1ZSI6ImNadXdHMWllaGFSVUNCOXZ6MmtQYlwvdnRnQndCNjdcL3NEWWJNUFwvYlB6UTAza1JkamxQOE5zeHZXcmZoeXc5S2siLCJtYWMiOiJkMDBmM2Y2MjZkMzM1N2M5ZmU4NTFkYmQ3ZGFmOTI0NWJiODBkOWY3OWMwYjk4NDVlZjIzZGNjZGEyZDA3MTkzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2202
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDepAVngzh88PJp5g14RcmivF6xnUD7bXWYRdGNudZzx25Rnhd4DbXGZ78VjuycjV6Qjlwan%2FiqztxQDIfgWGconR9mm8Wvoev1bJjikQJ3VbYcbRMrD7WBaMiHVy8NNtAnAXd9pzsl0ibA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16caaca3505dc-FRA
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51134
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:58 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3384
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
36
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
6EFUgMMAPWDyVUFB6NQSCPpo3lP2RDZvki4NNgCl_H4-bcAlOUApzA==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
07836aa6-2f1f-46b9-88aa-158f98dd1ace
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/07836aa6-2f1f-46b9-88aa-158f98dd1ace
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.402124355834363&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1156516971&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=757627533
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66278
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.7379663380646442
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8093
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
U3XcPQVA2eyGNCJuI_BhfAGXbjh6cM4XfpUOC6X5qs2gPfwThw9vUg==
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IktpMVhUSXlDckNLK1FKQ3NMbk1MREE9PSIsInZhbHVlIjoiWVg0MXV2eXlDYnpwNEFGeUZaK0dmV1NrU2ZVc1dSd2RoejJzajNuZ3REZlVMUFFKOVFJblFxZWxtd0sxWjJqOSIsIm1hYyI6IjM4M2Q1MDdjOTEzZjQxNDA5YTYzZjU4N2Q2YzdiZTRiNGJkOWY3OGYxMWFiY2ZjZjAyOWIyNDg2NGQxMjdjYTYifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IktpMVhUSXlDckNLK1FKQ3NMbk1MREE9PSIsInZhbHVlIjoiWVg0MXV2eXlDYnpwNEFGeUZaK0dmV1NrU2ZVc1dSd2RoejJzajNuZ3REZlVMUFFKOVFJblFxZWxtd0sxWjJqOSIsIm1hYyI6IjM4M2Q1MDdjOTEzZjQxNDA5YTYzZjU4N2Q2YzdiZTRiNGJkOWY3OGYxMWFiY2ZjZjAyOWIyNDg2NGQxMjdjYTYifQ%3D%3D; c=eyJpdiI6Im5JOVB3Q090V0RpTmxoc1Q5aURvYWc9PSIsInZhbHVlIjoiOUVZVTZPcnp6QStmaXA4VzVCcThqVUVLZkNrN04xZ0lMNlRTZVNTUUNyYlJxelI5WkV2dElsRkpzZGRQVFdRUCIsIm1hYyI6IjA4NjBkZTZjNGVkNzhhNDFmZTRkM2M0NmIzZjJkZDRmZGQ4NGU4NzU3YjU3YmI1OGJiNDdhYjNmMDBlYzlhZjUifQ%3D%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IktpMVhUSXlDckNLK1FKQ3NMbk1MREE9PSIsInZhbHVlIjoiWVg0MXV2eXlDYnpwNEFGeUZaK0dmV1NrU2ZVc1dSd2RoejJzajNuZ3REZlVMUFFKOVFJblFxZWxtd0sxWjJqOSIsIm1hYyI6IjM4M2Q1MDdjOTEzZjQxNDA5YTYzZjU4N2Q2YzdiZTRiNGJkOWY3OGYxMWFiY2ZjZjAyOWIyNDg2NGQxMjdjYTYifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0qHjkb1KLpW3iF4l5WqRzArfH6%2B%2BejFcurjxU4ZtLV3p6Ge%2Bmw9DW2y%2F9XfffvfQKGV%2BNRkjDCuUh6q5gOXoPtrcyjAjdjudo13oMvErh4Vh0sfJr3vr8ZvBFALLlrUzfmc6ypuPDAZ1tI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkJEcDkrWFpjcnYyN1JvNkltR3NNWEE9PSIsInZhbHVlIjoidlNZaEp2cHdSWU01V1lcL2QreVwvSmNcLzZyK2Y3WjRQYVIyNHZ3YkhBeUpnV1B4R0dxY1wvenZxaG1JQ0I2QTFmSHYiLCJtYWMiOiIzOGFkYzQ2M2VjN2Y0OGRmYzQyMmY5YzEzYjBlZWI0NWRhNTFmMzFkNjliYThjM2E4YjRkNjQzMmZhMjEyNDU2In0%3D; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6InJ5cjNDdlFHelJLdWJjNlB6bTh0Z3c9PSIsInZhbHVlIjoiWmVzUFJxXC9XNWhCcjZSM2xoZXgzdVZNNGlsTlc3TUZLZ01TeTBocFVjam53YVp3aXo0ZmlrYURsVjJhVWNkdFQiLCJtYWMiOiI5YjBlY2U4Mjg2MTQ2OTgwODI3ZjI4MDBiZTBiMTdhOGIzZTI3MzIzZjJmNDM2OTc4MTE5MDYwZjI5ZThhN2U5In0%3D; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cab8b8505dc-FRA
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 82AB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
blDDh_LDh1g0F-T4sniFueImjWD9jGUBEZon2oFXioGjEpdZJYTKUw==
age
1613788
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:58 GMT
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045a17b5309a171cf381fb45ac24cb6edfc7913cc7d45a803cfdb71b8fa6d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6IkJEcDkrWFpjcnYyN1JvNkltR3NNWEE9PSIsInZhbHVlIjoidlNZaEp2cHdSWU01V1lcL2QreVwvSmNcLzZyK2Y3WjRQYVIyNHZ3YkhBeUpnV1B4R0dxY1wvenZxaG1JQ0I2QTFmSHYiLCJtYWMiOiIzOGFkYzQ2M2VjN2Y0OGRmYzQyMmY5YzEzYjBlZWI0NWRhNTFmMzFkNjliYThjM2E4YjRkNjQzMmZhMjEyNDU2In0%3D; c=eyJpdiI6InJ5cjNDdlFHelJLdWJjNlB6bTh0Z3c9PSIsInZhbHVlIjoiWmVzUFJxXC9XNWhCcjZSM2xoZXgzdVZNNGlsTlc3TUZLZ01TeTBocFVjam53YVp3aXo0ZmlrYURsVjJhVWNkdFQiLCJtYWMiOiI5YjBlY2U4Mjg2MTQ2OTgwODI3ZjI4MDBiZTBiMTdhOGIzZTI3MzIzZjJmNDM2OTc4MTE5MDYwZjI5ZThhN2U5In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnpXOLKtacvNPIYlrUUCtuLdBefpjf7E9qWDdtBc8hcKuwGzMUMD5e1SCJHZhil1F%2F259LCnG4Rg0LISa6pFkzUDfuYhoYLAJPlIdhbLVknmFdi%2BtTZ4IybNWbuQosdrgkPodXYFmLJqWmM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16cadb84505dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1489
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSvAG6lnOw6uRNEylpzK1NGtGn3%2BdlIizic30z23sFTeVkxkdE5kQCowbVYce98812piGGCge2i%2F4u8WnM4RPuV1h%2F%2FryYbuf5rE%2BY5OPYQzNFUYEfq3XAowYHZvaW3anhuVzia8CrQHWyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16caefad305dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1489
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4ICuYqt4jpR%2FbYLxQlTAWhKSSGgJd17unCHs%2FAluQSoMe%2F%2FSwDvKr8c%2BW3OeEyEZUtG5THxwoF4fAaCX6hFP9qUdjwtyv%2Beca%2Ffxo%2BLiGhHA6pJxWJdUfW4G1VYluqvfUQzUULZU7PBGXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16caefad705dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:58 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1489
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uqSzpEZXOGYg9EK%2BqXBw5GBYDR%2FTda8ScB9whPA6R0aYJiIslziJ39%2BJIGszgxYsON%2FjSZsa4R7LKT6YXndx1ou5D3UT0cexTMmr2FHLv4N8tIon2P99r5%2F6YGeBJhpNVW2HN7m6zyzBAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16caf2b3105dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1489
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSfkg2wUgy4JH9WsCObPsw4Q9wRYPc8mYSszH%2FTKrcm36gknTUkWWJE2eXiN5UyNi0XErXzIULmYdlPJyxr%2FxCYGn3tGss7Rkpi7zKcayVcVMF%2FRYgrbdFEh9lJND%2FLKtK2dPAQnawNK07Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16caf2b3505dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONPMDgU1kqfSGNeNXpYuMXn8EexVMfKEGgAPk7RPh0j7uBkRcvoKMkGnFvaQw1rGctjVOAQKAPuOB3ef6yXmdFR0LMZAvAtcTxXsOr0quHqRT8wm3zyIDNZ6fFg0GBzuowkCZNMf1R315cQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16caf1b0805dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:58 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1489
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd1lIUDVpDASWhPyzK95J4hlFfhdrZIMOBu4sPhNHg8sAjliXDDGz4io5pJoRBa3V6h1LGmEIKHS8jIzLAGseGo10SzSjRsJDG28V9zP0aiszpN26vq1v2EmV7nTkgDif8O2VzeUdF%2FYTxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16caf2b2505dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2663
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et5XTb%2F7IK3taxp3450aYQwMpHZbHVBYu6qgsl6lXkpIu12tod2bzqecymQQ0A0z3PE%2F3Vy2gmNFKmawNHIIt6n2DGRfBgr4ePHtpl343FwvO9mY1khVKRG2E1EnpzgyWjZ2%2B4zlylSeolc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16caf2b2805dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:58 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:58 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:58 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
188
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJvWj7m9YCB0PfCTikGJd1HLwbPc4Igzlq2S4lFw0Jc9gudJ8uraXusI%2FtaRla9Z3bekX%2Fq2jHPXg40TKJT4OS4psnMvOC4A3%2Bka5GDq973E3AYZdC9xNPeGUeEjwrptL7ArikFJdUQFjUfRvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16caf29eb4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0b38bfd020af6d1619b15a9a7642bcb8568072cf19b302e994838622e4f8a14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41862
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:58 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5498492266663588
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
71c1c5977183f8ec92aef984d221f6780c3058b532461c379bc95b1cac18b9e1

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:58 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:58 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:58 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
8aa8a188debb8b2085b0682c467eedf72e7534c368ce34d12682a5cfc36e779e

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b1c5107eca2fe852ad12444d79f6c5411ec312c0d6b717c72843a8a896fd965f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Server
nginx/1.19.10
Etag
29e958eb-98ab-4969-ad42-4f1a8e4e28d3
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:58 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:58 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:58 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:58 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:58 GMT
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0pDShXy8GLK2MY%2FPSXZckW%2BfV6F5fYTpmsFEfiVgE2%2Bmrz6oX53V909VDmBUBKYWecNiE4K%2BQ8%2FGQZv2ubJvLkhFyuQnwqC%2BqCy8oTsCO0LzPwkJF2%2BJiyKBtJdAcP34P6wXsbT6b2VArE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkFMcVZmek9SNktoMUNScmF1eGdjMEE9PSIsInZhbHVlIjoiVEpIYXdmdTNNMHJtNlwvbFdVMW1MNkI0QldGVGZMV0I0K1c1bjY4NlZpXC9pVkNcL2ZGTmJkdjZHNkpyY1NNOGdoZyIsIm1hYyI6IjllMjRmYjNlN2U1YmZkZmY5ODJlMmQ5N2Y2NWQ3OTIzMmQ0ZjkwYzc1MmM0ODY1MDBmYjVkZmY3YTcyYjIzMGUifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlFoT0tPc0w1T2UwYWozcVwvUldNczNnPT0iLCJ2YWx1ZSI6InhPYkdWWVFmREljWExsNlhHM3U0d0l4RmdGNXJCclFuVXQ3d1VOYVFqbktVcStnbk1WVG5ISisxNFAyR0hOM2kiLCJtYWMiOiIzMmJiMjNmNWRhNTM1MTA2ZGE5NTlhZmE3ZmEwN2E3YjAzYzQ1MjBkNjI0NGRkZDUwYTEyMTVmMzk3Yjk4N2U2In0%3D; expires=Thu, 05-Aug-2021 18:32:58 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cafccbb05dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im8wQUlJWXltZEo4bG41XC9CdUlObkZ3PT0iLCJ2YWx1ZSI6InVJTk9PR0xLRk9aeGxwVlRjdzZ4ZFk4V1wvS3hucnd6RmpnNExLdUNGcVRadGc4TUJKODQzeCtOcXRLYkJDVVBTIiwibWFjIjoiNjNlNmRkMDgwNTA5NzZhYWIxYzNhNGUwZTYxZjY1ZGY4ZWUzMmFjNjUyNzRkNjdiYjYyY2FkYWMwNjI5OWFkYyJ9; c=eyJpdiI6IlBMak4rUkJzRUNvTks3ZGYzaUkzOHc9PSIsInZhbHVlIjoiN0VxdzlBZkZuV2Z1cmpQMUszYm5mM2RPaEx1TFdzT3pkYTFIQU85WjlKdWc4bUJUWlNwTGlqalNwbGZjeDB3KyIsIm1hYyI6ImE1OGU1Y2Y5ZWQwOWYyZjZlZDBhMzg1MWRkNjk1NzFjNjE2MDQyNTdiYWJkNmRjNTIwZDRlZGFmMjc3ZTUxNmMifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2202
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAOJoUe25nomGPQrPYoNFdTg2yjhdR%2FGfWybg68KMkGwuZI3llamqVW2tHTnjRCSFTlNbHWOH7hMn5c9A3rs2AIUu9gB1XMJWb2652T996OjGMz1eyk9phywF4vlooWakrRkVdKO7ArYBRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cafccc405dc-FRA
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3955d42c321fbe81060b58a781977863d35a896c23098c8885c846ca6509dc8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:58 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3384
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
36
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
1igjGnzPHa-fD0RXh84-_2Zo26jCgRPTQPyWmSmrQ11JJDoVoozu-g==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
5d4028ea-bc6c-4b63-876f-70d61048e569
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/5d4028ea-bc6c-4b63-876f-70d61048e569
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5498492266663588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.3776084060411382
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:58 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=132334631&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=707476250
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66278
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IkFMcVZmek9SNktoMUNScmF1eGdjMEE9PSIsInZhbHVlIjoiVEpIYXdmdTNNMHJtNlwvbFdVMW1MNkI0QldGVGZMV0I0K1c1bjY4NlZpXC9pVkNcL2ZGTmJkdjZHNkpyY1NNOGdoZyIsIm1hYyI6IjllMjRmYjNlN2U1YmZkZmY5ODJlMmQ5N2Y2NWQ3OTIzMmQ0ZjkwYzc1MmM0ODY1MDBmYjVkZmY3YTcyYjIzMGUifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; XSRF-TOKEN=eyJpdiI6IkFMcVZmek9SNktoMUNScmF1eGdjMEE9PSIsInZhbHVlIjoiVEpIYXdmdTNNMHJtNlwvbFdVMW1MNkI0QldGVGZMV0I0K1c1bjY4NlZpXC9pVkNcL2ZGTmJkdjZHNkpyY1NNOGdoZyIsIm1hYyI6IjllMjRmYjNlN2U1YmZkZmY5ODJlMmQ5N2Y2NWQ3OTIzMmQ0ZjkwYzc1MmM0ODY1MDBmYjVkZmY3YTcyYjIzMGUifQ%3D%3D; c=eyJpdiI6IlFoT0tPc0w1T2UwYWozcVwvUldNczNnPT0iLCJ2YWx1ZSI6InhPYkdWWVFmREljWExsNlhHM3U0d0l4RmdGNXJCclFuVXQ3d1VOYVFqbktVcStnbk1WVG5ISisxNFAyR0hOM2kiLCJtYWMiOiIzMmJiMjNmNWRhNTM1MTA2ZGE5NTlhZmE3ZmEwN2E3YjAzYzQ1MjBkNjI0NGRkZDUwYTEyMTVmMzk3Yjk4N2U2In0%3D; _ga=GA1.1.673974121.1628181169
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IkFMcVZmek9SNktoMUNScmF1eGdjMEE9PSIsInZhbHVlIjoiVEpIYXdmdTNNMHJtNlwvbFdVMW1MNkI0QldGVGZMV0I0K1c1bjY4NlZpXC9pVkNcL2ZGTmJkdjZHNkpyY1NNOGdoZyIsIm1hYyI6IjllMjRmYjNlN2U1YmZkZmY5ODJlMmQ5N2Y2NWQ3OTIzMmQ0ZjkwYzc1MmM0ODY1MDBmYjVkZmY3YTcyYjIzMGUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzJgFog7ws4mJVNbu6oHXUjcvny4Ik7DuAFH4lJl9DYq3aeOooj%2FWDQqyAKUYTeqY9PRaZNqoepNT3n0g4E1gqn2ZOXkZcZcbGn0R0MRaNKHFBkqs1mQaEA6QkxVzPyjJ%2Fi6jCMfNe9EFpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImZocGVIV29FdDFHUU1sblwvQkpMY0lBPT0iLCJ2YWx1ZSI6InJ4VEZyQUFZSThjeDd3d1J1emVrc0RwK1JIM3FuZ1l3UlVwSU9nanRtblZYeDFUd0J4alR4dlAwbHA0ZEZydGgiLCJtYWMiOiJjMDIyNmFlY2YyODQ3NDNiYzVhYmI4N2I0MWUyYTdkZjcyZWJhMDgxYWRhYjllODk0NzIxMDE0OWJlMDM5YmFjIn0%3D; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/ c=eyJpdiI6InRVT1F1aHdQU1QzY0YydWdHOGZGanc9PSIsInZhbHVlIjoiMkpERUhWcmtHbTEybTh3RWROZG9MOWVCS2xJaW0wZW1pXC9xcW5qM2lLZXc4TzJJRnRuc05SalZoTlRLSnpIRWkiLCJtYWMiOiI2ZDllY2E4NzA0MWFhYTY1N2M1NTQ0YmQ3NmNhNDVhOGM2YjZmYTY5YmY0MzdhZDJmMDU3ZjJkNmNjYzAwNzM1In0%3D; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cb07e3005dc-FRA
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8093
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
HOe1g3-t5MBitqxl0y-x3K-PhsQWH8XiHJ9II-6DLeXbq4ioTEyvoA==
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.4134058695546232&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.7215103898946946
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:58 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 7EB8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
6B5OJTnntreGpT7SHsrxzLty-YEN5XjydNM9saPcRY56mREaspN9gQ==
age
1613789
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:59 GMT
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:59 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:32:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3b444c42b67663aa050f5ce2a61415644b0f8442a655f8641732c8717faca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImZocGVIV29FdDFHUU1sblwvQkpMY0lBPT0iLCJ2YWx1ZSI6InJ4VEZyQUFZSThjeDd3d1J1emVrc0RwK1JIM3FuZ1l3UlVwSU9nanRtblZYeDFUd0J4alR4dlAwbHA0ZEZydGgiLCJtYWMiOiJjMDIyNmFlY2YyODQ3NDNiYzVhYmI4N2I0MWUyYTdkZjcyZWJhMDgxYWRhYjllODk0NzIxMDE0OWJlMDM5YmFjIn0%3D; c=eyJpdiI6InRVT1F1aHdQU1QzY0YydWdHOGZGanc9PSIsInZhbHVlIjoiMkpERUhWcmtHbTEybTh3RWROZG9MOWVCS2xJaW0wZW1pXC9xcW5qM2lLZXc4TzJJRnRuc05SalZoTlRLSnpIRWkiLCJtYWMiOiI2ZDllY2E4NzA0MWFhYTY1N2M1NTQ0YmQ3NmNhNDVhOGM2YjZmYTY5YmY0MzdhZDJmMDU3ZjJkNmNjYzAwNzM1In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWdQndpiejS2Xp9KsqNQnVPXaL8BK%2Fzowfr%2FU6d2hegKc531%2FOsjQ9WqkVz2N1d2ezASQotxDtTzR0khlyA%2FX8NSzUs2XsjahzseWtVF0n%2F07BIkysUyK1QxCKhmUoWQXwlGzUOJ3zZCu6k%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16cb2eb3005dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1490
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i106%2FQnTdP7VcJnQbZUvxWeco%2Fn1Ivzs92jmrLYrVZOsHEEnzh6yRNs5IZXG5UrVXLFMBrkckgF%2FoCPjI1mhFV%2BVNNjjQxURFqFAOyDCx%2B%2BC6b7fN1LpXc%2Fh2QcEqB00Q5ezuWyxJ8WXSmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cb40dcc05dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
760 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1490
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRZOYijvXKaDdHprvN2JyYd93TyhF%2BjoGnQIuJ5ql72w2IZ%2BVsqGRHWto3gjP0i4kjy7fsireiRtpe13g7fVL7bpZGDSu%2B0pyeIAw3V%2BLfV810mpNoml6sGe9VSTeeQL7vJRNVEU4AhPBMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cb40dd205dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:59 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1490
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL2t9u6Fsd%2BwoV6zCrCw4N1FliHGOeOpDsgbBCfU5E0tHOdfSsk22lUDTS3s0h84vURedC%2Bk7o2B%2B54BrGeUPDzRZgGvon7JVzSw9o15NSAmPDlfi8e7FMolM4uBcdd6q5o8v7Hb0Rh9Pn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cb44e6705dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1490
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6ZqHItmMyhe21NsXd8JxMqmIniIofy9GqlSAt9LkL7xB5GFBQABouzXCUtLO9TP8bnDgmS1ouZq4SUb%2Bp4Dwmn1ZfaJpDOaz96rSNE0Yh%2BUDHBUxWVK4dt7sOHdTEL6eT9knYTgmARPkSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16cb44e6905dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ex3zBPHgsi024pQFPC9ghPj6Zhe4is%2FHVTWGbZlUTInvUMlrLnKE9SG%2F2RXsGjjJ7KUSrdiu1MM7F6kFWJTZW8qBWVIvU2c9dpl77X79ynqWF9FU7wq%2FWOxYeisaUZOzwK1Tlu6jLkYUoU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cb42e0305dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:32:59 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1490
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oc6fEzamtdE6ZpjPkaldo3unBf5EWEU0Vyv%2Bvnh%2FSq9iK48X9gd3iE%2BbKs1ms5mo1sMrTZMQ5aUykfADoxeGWyPVVU%2FJlIc3pSChhSMiisXCkxQJEY79%2F0d58EBLQ8NRVP4I6us8hNeh%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cb43e2005dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2664
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMyxLF%2FsRcAp%2FwZBpJ9j%2FgRdlW%2FcSmfUVbokurKYfdrzToWdVYhdk4OPYKj8BaZ7Dm7a14eOPS288fWcpOBYSW5npT3B9%2Bujdfv6DBfloxvXjx3LcxFfXVu4mXG2B8zBn8ewINzEWF1byNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cb44e3405dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:21:59 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:59 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:32:59 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
189
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BzsrCdPBybxeJAtpIeUn6gEdAbdDqM%2FfjWyYVnmi%2B%2FeC9wlQG8VLQU0oADrKG6ex9DG6xC9T0Z7ZwuXyKoJ%2Bj1WfyBxcTxYe08DIx6fcH9NaFG50L%2B3bKsAKM72Ta62ejPY7HsneaWmzSLZow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cb45cfa4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2bbed3a1df3444a8be2a1dffe7ebe23b2561d6bb2a9ae30c765679b542ab661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:32:59 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8234413987505242
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1748109c3d884e5999c4cd98b021a90a6bd92dfb69ce509cea2f88272829ef7c

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:32:58 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:21:59 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:21:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:32:59 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
28c6fc5a5c7ad94ec73976a669da7eec3c1c646866e0b59211d59d886c5ae9b0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:59 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
54464bb5949fbf30e01aee5770fa65c8a55470ffec48b94851dff7db47964974
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:32:59 GMT
Server
nginx/1.19.10
Etag
3d085f10-0bf0-4d91-ba75-3539809d74a8
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:59 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:59 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:59 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:59 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:59 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2203
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY8GKaQ1qLXA6REQIrIsZzEJlLjN7fDlQFHrdeH1tHJEMUVmAQslVbYvgR6yAJiUQ9vp9Q0vLrQG7ZpuxitY9GBlsCoUCKErSl6%2BsfzIDLUSKyAyiL63UQQbF5W%2BAtMocJEQ%2BUlhNlAZjSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cb4df9405dc-FRA
locate
tgfunnls.org/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0%3D; c=eyJpdiI6ImtaRlNjTHhcL0lCcUxcL2ZOWkZsU3dKZz09IiwidmFsdWUiOiJOY1ZQWHErSFluVjZqS0oxMUR5bUs1NHh3b014aFwvZEp3V2o1OFFEdlFPeUtpZjNnMnBFNHZtWE0xRWlDXC9GbHgiLCJtYWMiOiI1Yjk3ZTE3YTE4MzQ5MWZhOWMwYmY3MTA4NTc2ZjU2ZjE1M2M1ZDRhNzNiNWFmYzc5MDc3NjQyZjU5MGEyMGI5In0%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Im9DTFZoSHRtTFZvOG1DOUwrVWFLK0E9PSIsInZhbHVlIjoib1JpTlRaM2JuTDRXTVRqdnhQT0oweUl1dEhKTnhcL09USUJBVmh5cHdPRmhsc2lQZ3J3Z3hMY1NGN0l1WVNRaEsiLCJtYWMiOiI2NDUzZTA1NmFlNWE0MjJlODg4YWRkYjk5NWFlZGYzOTIzNTRiODNiYmIwYmUxZTkzMmYwYTBmYTljMTUyMTA0In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HjyXKvN8uxCmiWyA5Uua9bGKGASmoqHSRxG3X5P1pbfpK01ddLLPUw5%2B1ypF3AQxJV3Op5fzAx55aFCJs8z44lbIoB4KFr19GRU4ZBWzme6UF7WQCBpikDTLVnH%2BkaLpAcZblglLp2zgPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImhKNm8zSEZBREZocDUyam1vWVhCM0E9PSIsInZhbHVlIjoiZXpUU0QrOVFzQVwvZytQT1JaQ3dzRXF5WHByUVlsRk1DNXZLOTEzaW5hcnp5SW15cGU1Z0lnc2U5Rjdub1ZXc1YiLCJtYWMiOiI0NDdiNDU5MjI2NTAxNWNhMmFjMTZjN2FlZjY0MDZhNmRiZDg0MTNkYWNkNTliYjEyMTI2NmE4ZTk2YjdmNTgxIn0%3D; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImYwdkFNQTBhcjg4WlZuK1NEVFlZaFE9PSIsInZhbHVlIjoiQSt0MGJnSmc1SDRieVUyMTlyV0IwOEZCd2REQUpkSXB2OXVXeHhqSEZyNSszWTM3WEFLZmVld2JobnRGN1dSVCIsIm1hYyI6IjUyNzhkZWYzYmYxNTM3YmNhY2NjNjU2OTA4MWI3NDdiNGU0NjllM2U4ZjM4M2E4ZDYzM2I1OTkwYjY2ODlhOWUifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cb4ffd705dc-FRA
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:59 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
523300a5-c7e2-4789-8d58-bce764e15002
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/523300a5-c7e2-4789-8d58-bce764e15002
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:32:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:32:59 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8234413987505242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D93A242489D1FAAFE5370C8CEADEE7226&h=6066ddf2e4c740e1f69eb588cdb6f716&t=false&r=0.8716503743234882
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:32:59 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51134
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:32:59 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3385
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
37
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
y_vNM6GCnXb08h48V7RPo5YAVlN4frMG2usuMbV8vTfi4BT1XCutEQ==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6ImhKNm8zSEZBREZocDUyam1vWVhCM0E9PSIsInZhbHVlIjoiZXpUU0QrOVFzQVwvZytQT1JaQ3dzRXF5WHByUVlsRk1DNXZLOTEzaW5hcnp5SW15cGU1Z0lnc2U5Rjdub1ZXc1YiLCJtYWMiOiI0NDdiNDU5MjI2NTAxNWNhMmFjMTZjN2FlZjY0MDZhNmRiZDg0MTNkYWNkNTliYjEyMTI2NmE4ZTk2YjdmNTgxIn0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181178.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImhKNm8zSEZBREZocDUyam1vWVhCM0E9PSIsInZhbHVlIjoiZXpUU0QrOVFzQVwvZytQT1JaQ3dzRXF5WHByUVlsRk1DNXZLOTEzaW5hcnp5SW15cGU1Z0lnc2U5Rjdub1ZXc1YiLCJtYWMiOiI0NDdiNDU5MjI2NTAxNWNhMmFjMTZjN2FlZjY0MDZhNmRiZDg0MTNkYWNkNTliYjEyMTI2NmE4ZTk2YjdmNTgxIn0%3D; c=eyJpdiI6ImYwdkFNQTBhcjg4WlZuK1NEVFlZaFE9PSIsInZhbHVlIjoiQSt0MGJnSmc1SDRieVUyMTlyV0IwOEZCd2REQUpkSXB2OXVXeHhqSEZyNSszWTM3WEFLZmVld2JobnRGN1dSVCIsIm1hYyI6IjUyNzhkZWYzYmYxNTM3YmNhY2NjNjU2OTA4MWI3NDdiNGU0NjllM2U4ZjM4M2E4ZDYzM2I1OTkwYjY2ODlhOWUifQ%3D%3D
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6ImhKNm8zSEZBREZocDUyam1vWVhCM0E9PSIsInZhbHVlIjoiZXpUU0QrOVFzQVwvZytQT1JaQ3dzRXF5WHByUVlsRk1DNXZLOTEzaW5hcnp5SW15cGU1Z0lnc2U5Rjdub1ZXc1YiLCJtYWMiOiI0NDdiNDU5MjI2NTAxNWNhMmFjMTZjN2FlZjY0MDZhNmRiZDg0MTNkYWNkNTliYjEyMTI2NmE4ZTk2YjdmNTgxIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZgeSeYFD7pJUrKfMaMpQcSKnR%2BbUToG%2BhzkWxcPsBVSvMUkbZvPfSXOUEtRIeaQmNIECvEwkOmQcTRcTCrD31APcr2mu07vPU3fOhY3f%2FCOuhTh8jQR98lxhMKVCc9U9hQTkLya6CGWWHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImhLWnRwNjJaMVRBa3lOUDc3V01BUWc9PSIsInZhbHVlIjoiNmFrUFRhYmRMQndLZU9NSTVoVjJxRks2TGZTdldqeSszUnpVamVMRHptT1BXamh2ZVIxK0ZEWEFqSjYxd1VHcSIsIm1hYyI6IjMxYzU5Mjk5OTU3NjYzYmRmOWJkOTA3NGIwMGQ0MGFlNWIxNjg0YzdhOWIyMmRhZWJmOWYyNTFjZTAxMTVlMjQifQ%3D%3D; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjR2SzZ0MWI1aENHSXVRY2EwMHlIQnc9PSIsInZhbHVlIjoiMkcydVEwS2M4R1czXC8wdmFcL2ZJZFBTUGtQZTFlcUFsZFFwMjRvT2pKeDNGbzBUUU1pRGNSSHVsSDl5QUt4MXNIIiwibWFjIjoiMmUxY2Q4Yjk4ZjQ4NTk3NGM1ZDZhMTI3OGMxNmM4Y2MyM2MwNTlkMzY1YmQ2YzY1MGYzMTkyMWJkNjNjODA1ZiJ9; expires=Thu, 05-Aug-2021 18:32:59 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cb5890605dc-FRA
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1666333875&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=673974121.1628181169&tid=UA-192660002-1&_gid=2112476609.1628181169&gtm=2wg840MSK8GMG&z=73708377
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66279
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.8749519318750352&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.019513740041406047
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
QxP9QswQgGIh5x0qm-GgUGWxbubMgxoIoyo8O5WEL4MzNzW0HuBfoQ==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:59 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:02:59 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame FE19 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
q8qEFVmmIX7gJrb9y1xR3YTOCxvAXQxKPQBgiPbyIvoeVZ4a0JQBSQ==
age
1613789
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36aafe9da08d24d9d03164759d1f83487935fc68106c4506bb974ec423d08bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImhLWnRwNjJaMVRBa3lOUDc3V01BUWc9PSIsInZhbHVlIjoiNmFrUFRhYmRMQndLZU9NSTVoVjJxRks2TGZTdldqeSszUnpVamVMRHptT1BXamh2ZVIxK0ZEWEFqSjYxd1VHcSIsIm1hYyI6IjMxYzU5Mjk5OTU3NjYzYmRmOWJkOTA3NGIwMGQ0MGFlNWIxNjg0YzdhOWIyMmRhZWJmOWYyNTFjZTAxMTVlMjQifQ%3D%3D; c=eyJpdiI6IjR2SzZ0MWI1aENHSXVRY2EwMHlIQnc9PSIsInZhbHVlIjoiMkcydVEwS2M4R1czXC8wdmFcL2ZJZFBTUGtQZTFlcUFsZFFwMjRvT2pKeDNGbzBUUU1pRGNSSHVsSDl5QUt4MXNIIiwibWFjIjoiMmUxY2Q4Yjk4ZjQ4NTk3NGM1ZDZhMTI3OGMxNmM4Y2MyM2MwNTlkMzY1YmQ2YzY1MGYzMTkyMWJkNjNjODA1ZiJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; expires=Thu, 05-Aug-2021 18:33:00 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9; expires=Thu, 05-Aug-2021 18:33:00 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0q9j1uGIdQixxdHUFhWbJ8yuHyHegMRSiA98TpuDbhTxu14e%2Ff9%2FcjglkiBLs5G7QuM5mLhlQIKEjihjvZseSjGEsV5qx2SUW11ceDKIC%2F0xGeLzWIyc07ulC54z6bQB5xlr5nL28dYwC0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16cb81f5905dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:33:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1491
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLdtvdaqproQWp0CGAFX0rVegX6OfRjvgobiTd1He8k9hbaB6bYY31AaFG4ISawCCOOFw1JpgX3ONbf1S%2B2K6V2d18NA60ZBPRdcFsvuDJZJCxhPg8rUG28GI4UAvIAmfH4y22gcJkW%2B3E0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cb9cb6105dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1491
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BEMUIHODsZRM2ik%2FmkSb69WUvoOdLoNDeDDqxXtNUVuQA%2BSESxAmuHiHder3dyvVMSDTZbioXHNnNfqhdXdQsiG0ehxx%2BHQ1uewb%2B8Vy18y1yNSzO29WaorrYQiUKPkJ7vZJhOcZwt%2FODQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cb9cb6305dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:22:00 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1491
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajUjMMfY92BMa1BsKhj911adQWEcgbZW57oZ1Q4Yi4R3bzfhcly4KdhsBDbV8G2VuRAMi2ulaFyyMz%2BEUOrJEFbsih1zGPx%2BuwUR6pUi1ebD0lkUr5j1iXXRyjqDeW3aHUeFb57VC6YvvJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cb9fbde05dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1491
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd0sBa8YyixTS16d1TO8zKJ7NW9JO7DUZ9MvWir2JAnfMeXj2jHCzM9rf4EtPnmIWmx9q8Ou%2BQWXFws4u189n7gYJdDg4OMIyDhk4rAg31paqUMFw44sdUptuw4wLn5M0WFGn2j4t7rKS4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16cb9fbe405dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qbt88aPWaYC0MiQrx%2FTem58Bl34etAiUa1ugzPrpw1XMJaFdH9b2XuZE1dMBDlx8S5oOT2hVMwbz5HZ9zp6qfIwq%2F%2BgiBzUXFJu%2FkxNX2rDLofqv2EpZZc0cD5mjwqypVuPHb7qH9nqewqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cb9ebb605dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:33:00 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1491
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BksCOaOTBarM6Nsj9AwiWn2zjurlAZvCZKsUEWhLhjoOfdSFCOLbnhL0I8mH0KvlIlwrapWEIt%2FZRlP9KPoPAfKob1ntqvMsxrAy9gZ7KDsSvxXk6G4FFOquPSZBM2pCYYWiboMibO2YRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cb9ebc605dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=D93A242489D1FAAFE5370C8CEADEE7226|6066ddf2e4c740e1f69eb588cdb6f716; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.2112476609.1628181169; _gat_UA-192660002-1=1; _hjid=a6f57575-0a8a-425d-8654-7dbde37c27e4; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181169.1.1.1628181179.0; _ga=GA1.1.673974121.1628181169; XSRF-TOKEN=eyJpdiI6ImVBeDFjaGI3eUpGc2lSODBJTVVjd0E9PSIsInZhbHVlIjoiT2U1amozVXVxRFB3OUVOUkNcL1RZMUhmQ2hiVVY1MWhrRHV3NldUckRoOGJTTitWTTJMdUpxVzA5TFdhNGY1VGIiLCJtYWMiOiJkMTMyOTc5M2Q5MWMxMWNjYWJlODJhYzllYTYxM2IzODI0ZTRlMjE3ZDViNzk4MTE4Y2RhZWE0ZGMxMmUxNjNhIn0%3D; c=eyJpdiI6IlZqSWhOXC82bjVKdVA5cDg3eDBiSjl3PT0iLCJ2YWx1ZSI6IlZzcUtzZkppV2JRTDVMbnB0TlV0RUZcL1hHRE16QitjSTkxcDlqMEJxdlBGWklZNXVqN21Bdko4RUdhTytCcnVwIiwibWFjIjoiYjFjNmMwNmE2NTYxN2VhOGIzMzg3YzExZWZmMGY1Zjg1NjYzMzA4OWFiOGVlMjdhOTNjYmY4YzMzNGZhYTgxOSJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2665
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CXXPU9eQ8e7NrVphDnKkYE%2FLobvFRXLweoWP7G2T%2B9nYAqor6knPOmWlnZ98coP1FqQ6d6LI6SSJI4ifD443aCMWp5TbMpKEbbU10zSDCsl08Mn2qAf%2F2L%2BvEC%2FOKi2LVgyyJOjDXDw0yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cb9fbdb05dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:22:00 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:33:00 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:33:00 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
190
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adJmeUuWcAatWPvqOsXulcBRt1AEZ%2Fx6qSYFE4ZIYuTcfzHH2Gv1qupZE5BDwf5UbSimoEawnDff4izq9yHF8w9e7I1sfy1EXKujPWDvWfhUoDZOGFd0v2WXExvJbWY4hlueETADHTGGdGgVKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cb9f9b14e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:33:00 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.3587733712293859
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
c796e95c69f8c4d0c28b24b8f60df96ba0207cef3ee6c716847f823b0f3ccf9c

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:33:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:22:00 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:00 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51134
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3386
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
38
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
xu_sAnJe1V8i3c7ny8kQuec3Z5xe1XDKqzDT668A6-A0tskeMXm6-Q==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PTSDk9aUWh2ThmOzqv6IxzPj7xZ%2F%2FvBpV2KdLMmQ%2F8ImSGEgwnMXtmiTTk39RZhDtW%2FbX%2BwmSo7OMu5jFAC5SN9%2B7Og%2FNfGfgUr3jqK3YP0c5vvS9bjvmrxKx5oL6SFhLDYr7I%2Fisi4ulg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Imc3T0kzXC9VQVVmcHhcL0c2WFUwUGRZdz09IiwidmFsdWUiOiJ1QVlidHBOWDhaaU8yUEd0RjJQXC96UCtkWGVBTzhFaGxZbUN3VzA0b3FrY0dsYmczNGhoTkNmYkVSY21HVEV3ZCIsIm1hYyI6IjUxY2YyNWM4NGYzYTBkNmU5OGU4ODQ0OTM0N2UwYmFhNmVmMDA2YmUwZDRlNGM3YjM5NmIxOGZmOGM0MjU5NDAifQ%3D%3D; expires=Thu, 05-Aug-2021 18:33:00 GMT; Max-Age=7200; path=/ c=eyJpdiI6Inl3WjJpeXVhWFRYXC9uS2V5ZUVHaklBPT0iLCJ2YWx1ZSI6IlZyTDk2TTlSYWZwXC9SRDEyQ1dnbXVRK3owZ3hEWHJFOFhIT1JmbGR4M2g1UTVKSFRlblwvS0RoVFwvY0lyOW9oUGEiLCJtYWMiOiJlNWMwMGVlYWQ3YmMxOTUxMjI4N2M2ZmRjNjVjNmJkZThjM2U2OTcyMWQzNjZiZmMxOWZkOGZjMjZiODljZDk3In0%3D; expires=Thu, 05-Aug-2021 18:33:00 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cba8d1d05dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ub6J1%2B2dQeGHo%2BTnjmIr0jRqXaIf6ENwCRfTgARBmyd56h0pwxBuVDPqF7IfuwgfLAKD8f3upoo0DPVEupyLaml4h6jQ%2FAuRqYhuMwc%2FrdzLP34hRp6QvrtEjN4DDVB8tstjyvs9ZA4BVWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cba8d2005dc-FRA
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.3587733712293859
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC544E570C036CECFCB1FFD08DE107198&h=efd4065e53742d73702d19fd90ab7225&t=false&r=0.5974345158668801
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:33:00 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:00 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
a0f29f6eb73f917d6bb864e349dec5da3d133141437ef975af161e2690ffe1e9

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:33:00 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8f251687ab05b7d73679860fce21c7f73f8dd9b01aa69b571e008861249878cc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:33:00 GMT
Server
nginx/1.19.10
Etag
b6635f23-aeba-41d2-b33d-586e905c716a
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:00 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:00 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:00 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:00 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:00 GMT
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
7da866c7-bc9a-4ce8-b033-56a67819bc43
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/7da866c7-bc9a-4ce8-b033-56a67819bc43
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2057108236&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=654647096&gjid=1121996862&cid=1039730962.1628181181&tid=UA-192660002-1&_gid=1094384384.1628181181&_r=1&gtm=2wg840MSK8GMG&z=708589581
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8095
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5Z1vUAGHSVrWmfaAMicsC_OjU-LcFjC5d7l2ZJXyutQ004H1dBChBA==
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6Imc3T0kzXC9VQVVmcHhcL0c2WFUwUGRZdz09IiwidmFsdWUiOiJ1QVlidHBOWDhaaU8yUEd0RjJQXC96UCtkWGVBTzhFaGxZbUN3VzA0b3FrY0dsYmczNGhoTkNmYkVSY21HVEV3ZCIsIm1hYyI6IjUxY2YyNWM4NGYzYTBkNmU5OGU4ODQ0OTM0N2UwYmFhNmVmMDA2YmUwZDRlNGM3YjM5NmIxOGZmOGM0MjU5NDAifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; XSRF-TOKEN=eyJpdiI6Imc3T0kzXC9VQVVmcHhcL0c2WFUwUGRZdz09IiwidmFsdWUiOiJ1QVlidHBOWDhaaU8yUEd0RjJQXC96UCtkWGVBTzhFaGxZbUN3VzA0b3FrY0dsYmczNGhoTkNmYkVSY21HVEV3ZCIsIm1hYyI6IjUxY2YyNWM4NGYzYTBkNmU5OGU4ODQ0OTM0N2UwYmFhNmVmMDA2YmUwZDRlNGM3YjM5NmIxOGZmOGM0MjU5NDAifQ%3D%3D; c=eyJpdiI6Inl3WjJpeXVhWFRYXC9uS2V5ZUVHaklBPT0iLCJ2YWx1ZSI6IlZyTDk2TTlSYWZwXC9SRDEyQ1dnbXVRK3owZ3hEWHJFOFhIT1JmbGR4M2g1UTVKSFRlblwvS0RoVFwvY0lyOW9oUGEiLCJtYWMiOiJlNWMwMGVlYWQ3YmMxOTUxMjI4N2M2ZmRjNjVjNmJkZThjM2U2OTcyMWQzNjZiZmMxOWZkOGZjMjZiODljZDk3In0%3D; _ga=GA1.2.1039730962.1628181181; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Imc3T0kzXC9VQVVmcHhcL0c2WFUwUGRZdz09IiwidmFsdWUiOiJ1QVlidHBOWDhaaU8yUEd0RjJQXC96UCtkWGVBTzhFaGxZbUN3VzA0b3FrY0dsYmczNGhoTkNmYkVSY21HVEV3ZCIsIm1hYyI6IjUxY2YyNWM4NGYzYTBkNmU5OGU4ODQ0OTM0N2UwYmFhNmVmMDA2YmUwZDRlNGM3YjM5NmIxOGZmOGM0MjU5NDAifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKR6jxXax2mgU085SOEQPfc%2FZei%2FgwR0ok603SjmnN%2F0clvjBlx4Bo1aB0bL6KwqjyP4cx6q2OHcs03u4AqJZFCdgFvOuSfgrvHh%2BOqmGdRS5GLFU5Yk3jFJkOTRSzU0VqyXygeJweZTGrE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjNCUlBIVmlxeXJ1QkNTV2VKM3RKZFE9PSIsInZhbHVlIjoiaG85Qkp6R0RsaEt3VmtFdWx1N3pBcXpnZTlGUGZcL3lhQW42akx2VHBMSFd2cFV1VGhnaTBuTnBSQWJFeThPak0iLCJtYWMiOiJmYWNjOGQ1NjA3N2MyNmVhMTQzM2Y4NWU1YTk4OTVjNDBjMWQ2MjNlYTM4MTdmMTRhZWQ3NjViNWU1NzM0Y2NiIn0%3D; expires=Thu, 05-Aug-2021 18:33:00 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImgxdnJNTkJ4K3pyUHhlRWNod1F0SVE9PSIsInZhbHVlIjoiK2l4WFFtS092RWtabEZYN1JOcXNxeGZTank2NVIrZkNpbnNHb1wvOE51UTVkZjZUM0tMSEw1RmgrY1JtN3UxUlYiLCJtYWMiOiJjZDQzY2M2ZjU0Nzg3M2JjOWM5M2ViZGE5M2FiOGIzNThlOWVlNTBjMzBkYWNkNjgzNDlhNjRlZDAyNWU4ZThiIn0%3D; expires=Thu, 05-Aug-2021 18:33:00 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cbb5f3005dc-FRA
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=2057108236&sr=1600x1200&ul=en-us&cid=1039730962.1628181181&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181180&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:33:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.24263080697590889&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-192660002-1&cid=1039730962.1628181181&jid=654647096&gjid=1121996862&_gid=1094384384.1628181181&_u=YEBAAEAAAAAAAC~&z=2108630576
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 05 Aug 2021 16:33:00 GMT
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame C966 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Bwbev9IsZfnXhM5KzA21F9Tifjln9OwVLSGC60XeNh4iKE83Z1_rCw==
age
1613790
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.5018292945632168
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=1039730962.1628181181&jid=654647096&_u=YEBAAEAAAAAAAC~&z=1569481157
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=1039730962.1628181181&jid=654647096&_u=YEBAAEAAAAAAAC~&z=1569481157
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:00 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:03:00 GMT
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:01 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:01 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:33:01 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56c9d927f289ae4217aedaeb0fc377be5825b5dde3d7356a060e51c8a2bd85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjNCUlBIVmlxeXJ1QkNTV2VKM3RKZFE9PSIsInZhbHVlIjoiaG85Qkp6R0RsaEt3VmtFdWx1N3pBcXpnZTlGUGZcL3lhQW42akx2VHBMSFd2cFV1VGhnaTBuTnBSQWJFeThPak0iLCJtYWMiOiJmYWNjOGQ1NjA3N2MyNmVhMTQzM2Y4NWU1YTk4OTVjNDBjMWQ2MjNlYTM4MTdmMTRhZWQ3NjViNWU1NzM0Y2NiIn0%3D; c=eyJpdiI6ImgxdnJNTkJ4K3pyUHhlRWNod1F0SVE9PSIsInZhbHVlIjoiK2l4WFFtS092RWtabEZYN1JOcXNxeGZTank2NVIrZkNpbnNHb1wvOE51UTVkZjZUM0tMSEw1RmgrY1JtN3UxUlYiLCJtYWMiOiJjZDQzY2M2ZjU0Nzg3M2JjOWM5M2ViZGE5M2FiOGIzNThlOWVlNTBjMzBkYWNkNjgzNDlhNjRlZDAyNWU4ZThiIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; expires=Thu, 05-Aug-2021 18:33:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D; expires=Thu, 05-Aug-2021 18:33:01 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a%2BhXNld%2F0Gs3r6RVFSniQLs7ygWMFdxhQnHlQAyxIbZTXjdwe3ZpY8HFMPQLd7mBBNGyeKDEVxZc9zZ6HNluGrkF5ctKouWOB0CTsdxZDzCuLdTvizd60Oi52vjWGaHA1Q0mG2KjwYKbmE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16cbe2d4e05dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1492
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2ByaDhEQl9zTsyipyJXwPQzFZBVkGfcMc5an%2FkrOztlRd%2FhqVxn2ObYQ6EBhWap0O2tMO6Wr44%2BxOqO5GjW2%2B4seW%2BqDPETRzJ6PIlNpHQd%2B419KlnYMIZZm5wC5I6dANXjJrs2BjloUuW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cbfb85805dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1492
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad8omUgtgV28IOfXMs%2FQzamJfXOMFumazY1vOT7rWi0Pr0EyAxXJZNg%2BjTAwa%2FrFW%2Fpq5U2j3FBZhdNjsUNGTHlz2swwUI%2BpX8Pi2oXtowhmVh3FtBrV%2BSlOxBNRZwmNVsyT%2BPXsYmKYBSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cbfb86005dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:22:01 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1492
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92cj1k8opVwQc6pJu07ZZfbPAijORwDHHqpRpa8gpjWFac9RG4jwtlPELkwzg9Z3yuqGIzoK67d7YcazL83XGt7It0DzjQOWEz39aoE%2BJIqXUAmrvMckUcazbaujU6RBVHu3qfmZKXHGoTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cbff8ed05dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1492
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ljeFwdjqDmdRynIlDXvOSQtByyf82czyUVUruQwUAo%2F8w%2FLc0qIrSvBAVkAcOSph9c%2F7aH88oPxiaksiJVbK5tirgM75iTHd2syj%2BRPNPUBFeM6Qohi64hD4M5g%2FU3SbHEHUV1ftavtHUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16cbff8ef05dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FJ8ehf29ywsmV5%2BrcNwPDyx9EmRB0vWxYkMyO2UuHm15T7FTcTWEjo6XA1K%2BiD68f7xIdtvFxv2D36ve5OX%2BiEYLjID56uP%2B8V0e9RjC21P0%2FeoEZQQ5Kck95GrAc8MZ5WXIT4e%2Bgx6714%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cbfc89005dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:33:01 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1492
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwgpIqNjgjN%2BXbDO1W1Z53QoGjMl829kuBThenpYd%2FhRpfHpqOrArEUexQVeIiUXezIKjFPyOJWPH8%2Bbcw%2BzljFSknWpsFzK%2FF%2FDhavvIP0r39VV%2FTy51k4ZTeMAZxF%2BH36FGuY%2Fq3RJiA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cbfe8cf05dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Cw%2Bos5ccDt4KIrBblwTIR1qov2kjcl4gGBnZ7UvGslzGrW5eN1%2B12gs7sQ5TsiW06nv8KUM%2BWlNfgkwlgks4QgLjH3yPSVXNpw6U8lOkwTi5Id7hAs6wJfFeti7pEcEB%2FFjjgMzxLZvufE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cbff8eb05dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:22:01 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:33:01 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:33:01 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
191
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qapFRqSfQZh%2Frl7UouDlLG8N6jkLLO7fbHka0nNRnReLB0rmhZpuD3SAZLgwIEpPBDR%2BEbRXm5zJhHtRM%2FO9sketrhJPR1rFpe7guZ%2FlgRwoaV2InZXzEAK0t3Qtf3YwD6PLXsTH1LRUZyFoGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cbfff754e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:33:01 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.049668045558658
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
f8d14c868b11945d20f4a26d8d92a20a7fd6bec44f23bf3a318889b020d09197

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:33:01 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:22:01 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:33:01 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
bee88442c65c849f9f9d0b737473d469d59792592b28fa42cd257d6e1d105011

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:33:01 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ae7b5a78954bdfa4e4e0b90fe01ed2db172389cd13189d4d6dd011a91eb87e07
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:33:01 GMT
Server
nginx/1.19.10
Etag
3c17538a-f693-4ce9-8e76-83f2423574d4
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:01 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:01 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:01 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:01 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:01 GMT
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51134
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:01 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3387
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
39
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
gRkwQ3cqpAR2y-RTUldAkL8fM4GEDIj2gvmSomIW05U-hEj6MlEdlA==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.049668045558658
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC544E570C036CECFCB1FFD08DE107198&h=efd4065e53742d73702d19fd90ab7225&t=false&r=0.23331347390599455
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:33:01 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
locate
tgfunnls.org/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcNB%2Fi6lOmmqO1rM0yIgsG55zEdOEslw1%2FOjoVuJmsO8SltODc6PTuS9bTCJUzYZr%2FEz%2Bz6zVKm2lUVFLSEktATl0uJ6GqY3d3sZDul85J5p1W7lP83p46AKQ%2Br1gbnIQVaPOVOxk6uiHyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkVuMzRnWFhvSG55YXZaNzNmUmtoT2c9PSIsInZhbHVlIjoiUGRBMTFDSDBwY1lNRGJyOGlxZnhSN1BneVwvd0VoTXpUVmJ6VE9vZXo2cVJjNUhWQ09SdzdcL2txOVcxTXNzY0wyIiwibWFjIjoiN2NmZjM2MDgyM2E4OWFlNjdiZDliNzVkZjVhYmUzMzZmZDk0MzJlOGJlMjEyMjdmYzQwNWJiN2E0NTAwNzQ0NSJ9; expires=Thu, 05-Aug-2021 18:33:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkJVMTJOd01XY3hSXC9NR3lwYlkzWEl3PT0iLCJ2YWx1ZSI6IkJxRDFEMEZMWkVoMFwvbktPMGhqK1owekZsZXdlaGlnRE9PUTlKTHlUeGNZeWJZQVptN0syazUwSkhcL0dvOWNYNSIsIm1hYyI6IjVjOWRkNzE5NDU3OWIzYjFhY2I3MzNlYTU1ZTg4ZTFhZjNmZmNhMzMxNzQ0OGU5YmViOTE5NTBmMThkYzZmMmUifQ%3D%3D; expires=Thu, 05-Aug-2021 18:33:01 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cc0eaf205dc-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.0.1628181180.0; _ga=GA1.1.1039730962.1628181181; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IjlpUzhIUVF0aGN2clh5TDBnVzQzUHc9PSIsInZhbHVlIjoiZGNsNkloSGZvUHk1dWJJXC85TXNkZjlXNnhhWG9YZXc3cjhXTVNjTUdOUVc5KzBVd291WTBGOWlRUkw2dEdvRHUiLCJtYWMiOiIzZWMxNmEyNzc2MGY1ZWFiMDljOTIxODRkYWQ1ODQ1NWE3ZjNhMmFmNWI1MDc0YzcxZWUzMjE1Mjk2MmRlNzMxIn0%3D; c=eyJpdiI6IlJPbXVPOE5sNWVpWURyM0RZbjNrR2c9PSIsInZhbHVlIjoiQVZsTklnTlkxWmZ4dndBVTdpSjlYS3J6ZWMyMjZQRTJ0MGFiOTFTYlB2MzFiRXdiY0lvUkRSRXJVaFBpODhGSiIsIm1hYyI6IjI4ZWI4Yjc0ZTFmY2QzYzZhZmM2MDFkYzI0MDY2ZDMxZTdiMWRkOGE4ZjBmNzMxMmM4MDcxYjZhYmQ5ZDY1ZTkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VRyKFCnaVRwTsavtZCR0rX%2F4QPECcFBiJkxuVTpZLCLvYbT2bSyniMbUR4rP7Gn1blIhSbjU5WXPdsGXOennwD2vxsYLKzw%2FYdkrw%2FdBbYX0lrD615dWu0bvzWBhwGe%2F1QNa4W0slc%2BHFw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cc0eaf505dc-FRA
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:01 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:01 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
5828dc80-07cf-4180-9ac9-2d7208d8369e
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/5828dc80-07cf-4180-9ac9-2d7208d8369e
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:01 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:01 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=95824197&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1039730962.1628181181&tid=UA-192660002-1&_gid=1094384384.1628181181&gtm=2wg840MSK8GMG&z=183100390
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66281
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8096
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
hO30KvUKjtibPBW7f2TK0SsKqY9kwx0t6WhLxRQt8_2Ka9wkvyFDpw==
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.41542853759264675&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.25711444154382534
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 		668 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame F52D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
5ML22gUcZnufg2jeGDmWpgLNgfwsCyJ4afpfu09S5h8kiT21Ch343Q==
age
1613791
event
tgfunnls.org/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IkVuMzRnWFhvSG55YXZaNzNmUmtoT2c9PSIsInZhbHVlIjoiUGRBMTFDSDBwY1lNRGJyOGlxZnhSN1BneVwvd0VoTXpUVmJ6VE9vZXo2cVJjNUhWQ09SdzdcL2txOVcxTXNzY0wyIiwibWFjIjoiN2NmZjM2MDgyM2E4OWFlNjdiZDliNzVkZjVhYmUzMzZmZDk0MzJlOGJlMjEyMjdmYzQwNWJiN2E0NTAwNzQ0NSJ9
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6IkVuMzRnWFhvSG55YXZaNzNmUmtoT2c9PSIsInZhbHVlIjoiUGRBMTFDSDBwY1lNRGJyOGlxZnhSN1BneVwvd0VoTXpUVmJ6VE9vZXo2cVJjNUhWQ09SdzdcL2txOVcxTXNzY0wyIiwibWFjIjoiN2NmZjM2MDgyM2E4OWFlNjdiZDliNzVkZjVhYmUzMzZmZDk0MzJlOGJlMjEyMjdmYzQwNWJiN2E0NTAwNzQ0NSJ9; c=eyJpdiI6IkJVMTJOd01XY3hSXC9NR3lwYlkzWEl3PT0iLCJ2YWx1ZSI6IkJxRDFEMEZMWkVoMFwvbktPMGhqK1owekZsZXdlaGlnRE9PUTlKTHlUeGNZeWJZQVptN0syazUwSkhcL0dvOWNYNSIsIm1hYyI6IjVjOWRkNzE5NDU3OWIzYjFhY2I3MzNlYTU1ZTg4ZTFhZjNmZmNhMzMxNzQ0OGU5YmViOTE5NTBmMThkYzZmMmUifQ%3D%3D
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6IkVuMzRnWFhvSG55YXZaNzNmUmtoT2c9PSIsInZhbHVlIjoiUGRBMTFDSDBwY1lNRGJyOGlxZnhSN1BneVwvd0VoTXpUVmJ6VE9vZXo2cVJjNUhWQ09SdzdcL2txOVcxTXNzY0wyIiwibWFjIjoiN2NmZjM2MDgyM2E4OWFlNjdiZDliNzVkZjVhYmUzMzZmZDk0MzJlOGJlMjEyMjdmYzQwNWJiN2E0NTAwNzQ0NSJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VojLlvNCieuJ1DAwjNRo217G%2BTNDy84OrSIdZ9zzj%2FZfT6n1%2BsDVuJGri3HsYVMwsCRJqDlTah4x6s6hIDJyYBmRRuiS9fFECTBkDrIYMBFu75rg%2BCIVimpPHd38q%2F0%2BaeFR33d3t%2FKZVC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImFiOW9URFEyM290VHhJRklXem9ZR3c9PSIsInZhbHVlIjoiTkFHeFA3Z0dnWk0wcW51SW93VzRQdUg2QUZ2ZVdQeXZVZ0dxMkU3ZWs2cyttYThpQ1kyTGJBbEZVck9hQTMySiIsIm1hYyI6ImQ4YTFjOWU1MGEzMGZkYWM2N2JhNzljYTE0ZjA3YTk4NDcxZWU4MjgzNzMxYjQyOTdiZmI3YTZjMjhjZGZkMTAifQ%3D%3D; expires=Thu, 05-Aug-2021 18:33:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6InBienJzTnl0c1lFNisrTThTZzlXaVE9PSIsInZhbHVlIjoid1hBVDB1Rjl5aU9HRHBWcGdLNjVVRmxtRHY5QnhBWFVKanByRjlMZmZSWGNVSEV3cmswQTRMZzJSRndnU2tcL0UiLCJtYWMiOiI3ZTZlZjBhYzU4NmM0OWUzZDhjMTZjYmMwYTYzZDY1NzU2Y2E0OWZmYjdjODFmMzZmMTc2MDFlNjA3YjY1YmY3In0%3D; expires=Thu, 05-Aug-2021 18:33:01 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cc1fd2f05dc-FRA
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/ 		248 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:01 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Thu, 05 Aug 2021 17:03:01 GMT
add
tagdataxrt.com/log/ 		12 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 05 Aug 2021 16:33:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
Primary Request /
tgfunnls.org/dly1st/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a2d0e2fea0181c1ce6144dd034e5da1a255ee5fbca4d5eb1561b9860b65e4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6ImFiOW9URFEyM290VHhJRklXem9ZR3c9PSIsInZhbHVlIjoiTkFHeFA3Z0dnWk0wcW51SW93VzRQdUg2QUZ2ZVdQeXZVZ0dxMkU3ZWs2cyttYThpQ1kyTGJBbEZVck9hQTMySiIsIm1hYyI6ImQ4YTFjOWU1MGEzMGZkYWM2N2JhNzljYTE0ZjA3YTk4NDcxZWU4MjgzNzMxYjQyOTdiZmI3YTZjMjhjZGZkMTAifQ%3D%3D; c=eyJpdiI6InBienJzTnl0c1lFNisrTThTZzlXaVE9PSIsInZhbHVlIjoid1hBVDB1Rjl5aU9HRHBWcGdLNjVVRmxtRHY5QnhBWFVKanByRjlMZmZSWGNVSEV3cmswQTRMZzJSRndnU2tcL0UiLCJtYWMiOiI3ZTZlZjBhYzU4NmM0OWUzZDhjMTZjYmMwYTYzZDY1NzU2Y2E0OWZmYjdjODFmMzZmMTc2MDFlNjA3YjY1YmY3In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; expires=Thu, 05-Aug-2021 18:33:02 GMT; Max-Age=7200; path=/ c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D; expires=Thu, 05-Aug-2021 18:33:02 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20RuvLErOGCEjkDyj0v1DDjkpyfFSCTkcQRQMbzfUEXD7%2BPSn3cUoM8YRDbaoFC2KXVrUERNN7t%2BhPFPl5BWxxv%2FXigFM%2Fib7uCrL1%2BgYQOwGpllf8EpUyyD9bUb5y8Q3SwG53w8FQPLQBY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67a16cc3d97805dc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0
forms.css
tgfunnls.org/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1493
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
W/"610c0880-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8HUGP88E0a1gGdPT%2F2pr1FuzjL0V%2FPwNjuzI%2Bb%2BmKoDF%2FgNJ%2Bz2X%2BmBNo8bzxKwbZMTVxDFfWNmyInMU4YOkgJ0hM%2B9fCf%2BaFYeQkpX183XUdjQ1FJOLitehYjpseBOvUtUaBLvnmGwtdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cc56cbc05dc-FRA
flow.css
tgfunnls.org/css/ 		385 B
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1493
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:18 GMT
server
cloudflare
etag
W/"610c087e-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnYK96yhAd9yto5gXFPp9R4T2DvOBqBXwzpD8sYDUakvn63kBIcOgjz1Rsz9CghiQuHN0ktUR1RMQM%2BrKdb9UZoYJ3OFoUWKeHdR0O1SMYVU%2BY6OwPn70HvICu3F2pIhKT2kxP1%2FjSZXjyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67a16cc56cbe05dc-FRA
funnel.css
static-13333.kxcdn.com/5275/build/ 		91 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000049794a1-0060df28ef-12ed1804-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:22:02 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
logo.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
check-icon.png
tgfunnls.org/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1493
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:44:45 GMT
server
cloudflare
etag
"610c076d-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9Air%2BSoOhOcsxNx6szNgo7lCpuYM6XAwRipfG6DR3J1CaxFdxhZtVHb7vyyuLU96NpEg5O95LfAXqh%2FtJljiwCU7JenV2DkD0M3HlqYbd8uJd8cWlOfLAnHCl5a%2FIlzJBwmuVjpWxLxcpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cc62e3b05dc-FRA
safe.png
static-13333.kxcdn.com/5275/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794ba-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b6-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bc-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
john.jpg
static-13333.kxcdn.com/5275/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794be-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b7-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b7-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
facebook.png
static-13333.kxcdn.com/5275/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bd-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
twitter.png
static-13333.kxcdn.com/5275/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
features-title.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592bc-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
feature1.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794bb-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
feature2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592b5-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
feature3.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794b8-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
feature4.png
static-13333.kxcdn.com/5275/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a5-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049592a6-0060df28ef-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049794a3-0060df28ef-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
sad-face.svg
tgfunnls.org/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1493
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM6olAyw6JYH7e1UbYQHGuh6XBzI%2BZJgIl6gLfnsdZ4CAJoKNnHkyqb3ygtdR1JAVTfLxRZ4Po15%2Bc%2BQQyYlkju2OFtmjuaaKslFTyKDYxQ3GLsypFJxmmuYehN4sr%2FAXRUgfBFiR1zeeEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67a16cc62e3d05dc-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 14:21:05 GMT
server
cloudflare
etag
W/"610950d1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sBLTh8rwp535Gz0rY2Ac4%2FX76YR%2FipLQT%2B7s9aoqNXtb0c7BCcAYpTHwo7e48EbYfGKhNATJbfdCqNW5oVtp9Yu37cbDLdaDyGBSgclvK86zJMyjquRXiqXms6m5Gf9Jbx0BnozXb8I5Pc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cc59d1405dc-FRA
vary
Accept-Encoding
expires
Sat, 07 Aug 2021 16:33:02 GMT
redirect.js
tgfunnls.org/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1493
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:12 GMT
server
cloudflare
etag
W/"610c0878-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwEnuRCkcrd4SllZJUw5YEWiO%2BXkc5aolwV203FKp7IzvUmO2NuBzpsRwnlZP5JY8Rw5hZy9w8ilDDJSdLjaJHbk%2F9q1Rj2%2FitEamF7NYMIAUlmoMyHCx9s3rgMzC1i3jfe5mKP7vuT6qfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cc59d2305dc-FRA
l.js
tgfunnls.org/js/ 		401 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=2fce19b964aac64916f7
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2667
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:07:44 GMT
server
cloudflare
etag
W/"610bfec0-6459b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBusPsPFimcO6f93VE9TssRhVrL00Ckx%2FjJZKmxfmv11XZx0GD2JotMm1QEWD4thok4qFZHKfcVS96%2BxOK9yviHc99GKQYFBirW%2BDkXJmEtdaHpDIsVpawr8XA2FOqvxYXPTmotkapF91Mc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67a16cc5bd6805dc-FRA
funnel.js
static-13333.kxcdn.com/5275/build/ 		954 KB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx00000000000000495929e-0060df28ef-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Fri, 05 Aug 2022 22:22:02 GMT
hp
in.xr117.xyz/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:33:02 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/ 		382 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 16:33:02 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 15:47:47 GMT
server
cloudflare
age
192
etag
W/"61041f23-9787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chiS8rbNdxnA%2FaiCyj8TLCcea5H7EHOAPpV%2Bk7CeSVr9rCbeAy%2Fl%2F7iAEYUKMw6NzGUQ1RfpU4fv8a%2BQpbxmTvIznbt4%2BjNVnGLZLF0TVHVOr4%2FKDe1l1U9gkzxvy8Zw8PXhK1DdyeuqIez2aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67a16cc62e9d4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41863
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Aug 2021 16:33:02 GMT
conversion.js
in.bd44.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8009091158304029
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
40fe9e8911daafa7d4f14f3f7302bee38429cd65ab185c28b2534d614a82f27c

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Aug 2021 16:33:01 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a8f778-0060df3204-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593a6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Fri, 05 Aug 2022 22:22:02 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000049593e6-0060df28f0-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Fri, 05 Aug 2022 22:22:02 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2206
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 05 Aug 2021 15:49:20 GMT
server
cloudflare
etag
"610c0880-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQv%2B17Ooyrt2ZU9eqTUxp1bTou3teMbq4dDXKBoUBZICu3yjbi7jZMwxR4uhyOmQVy56VcH6pq8vdstn90qRtSNFk8bMPivMlRyrJ4KlouFA%2B0gxOnsRs5Xx0stxv6G5WxjVrVobQ4Qghd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67a16cc66ef405dc-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49418
x-xss-protection
0
server
cafe
etag
4685894835144933758
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 16:33:02 GMT
version.js
tagdatax.com/ 		57 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
5fc95639e3f639666460e3b42a0b67e46574bf93da66656c4ce61721fa799c16

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:33:02 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/ 		65 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
326f884245abd56f50b6ea9486480144413256243fdb81da3cfae7337ec452db
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/ 		28 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 16:33:02 GMT
Server
nginx/1.19.10
Etag
3e14b2f8-2d42-4dac-86a9-717c7154e87d
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:02 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:02 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:02 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:02 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:02 GMT
locate
tgfunnls.org/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=2fce19b964aac64916f7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bc5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225; _gid=GA1.2.1094384384.1628181181; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=4a444d99-3c9f-4280-89f0-e080b31c123d; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628181180.1.1.1628181181.0; _ga=GA1.1.1039730962.1628181181; XSRF-TOKEN=eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0%3D; c=eyJpdiI6IitnaGwzM0xTRHZpR1VoNXBtTU5EWEE9PSIsInZhbHVlIjoiMk5jaUpvMU9vZjlHKzYxaHZTVmNmU2ZKSE1oTTBhQU9kQ2R2TlVuYkxVdlhnV1NpTnN1M011ZWZGQjZwWUw3RiIsIm1hYyI6ImJhNzQxNmI3ZmI3OGFmZDY1YWQ5ZGUwNWIwODg5Zjk2ZTY0ODY3MDQ1NTNkNTkxMzVlNDg4OGQyNWRlZWUxYzAifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Imd2Wk41TWY4MnpRZnFDNHZ6d0FsQnc9PSIsInZhbHVlIjoid1JYQnNueEZ3YlBNXC9yQ0FDUThncldjWWZBU3oweUQ4cHdPY3lBbXhpSG50MmgrZXBRVituUkhKeWVuelg1Q0giLCJtYWMiOiJkMjA3MDRkMzYyYjFmNDgwOWNlMGUxODJjOWJiMmM4NzBjNjY3ODA2MDZjMzFjMjZhNWI4NTFmYTczNGYzODhiIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJ7klvLWgisPjh7djGFGV1e9lHZIDwl%2FJPvzlDih2WZ%2Fe%2BM3SrlUazQmeAHhomkYLbNYPLt8L8VlUS60ae0O1M1yPPP84ms9hSoQ5obKUT03NkelRqW0c8ofd7SrUauckWTLBmWvvBnjlGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Inp4TGNBZ3FjaUh6bHFFbFB5WmtUWHc9PSIsInZhbHVlIjoicThkUVRsM1l5VDRZU0pSMDdLaTkyUVlQSjdtTTRsaHVqU3BWZGxjVU1ZVDV5NzlQbzJIV0x3RlI4N3pvRkNZaCIsIm1hYyI6IjEwMzk3N2NiN2Q1YTgyYTA0OTQxN2JlYzBiOWM3OTFhN2YyOGI2Yzc4NjI1MWQ2ZWFlZGU0Yzg3MjRmZTliZjcifQ%3D%3D; expires=Thu, 05-Aug-2021 18:33:02 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjZwd201WEtpeExcL3VXVG9Fc2FUb0R3PT0iLCJ2YWx1ZSI6InhXd1VZWkdxM1VPVUtIN3NmalwvM3pjUHF1XC9Ec1wvWjcxTHJwbHNNVXJqQlwvbFhmTXRNXC94M3h4MCtFMHRrNWF0OCIsIm1hYyI6IjZhOWI4YTVlNTNmZGQ4NjRkNjBjZGI4ZWYyN2Y3NWNjZjcyZDU5YjIzMTAxZDZhYTQzZmJmODQ4OTMwNjRkZmMifQ%3D%3D; expires=Thu, 05-Aug-2021 18:33:02 GMT; Max-Age=7200; path=/; httponly
cf-ray
67a16cc6afb905dc-FRA
add
tagdataxrt.com/ir/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
7b7487c9-46ae-43b6-8076-6b97ae80327f
https://tgfunnls.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tgfunnls.org/7b7487c9-46ae-43b6-8076-6b97ae80327f
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/ 		0
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 05 Aug 2021 16:33:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 05 Aug 2021 16:33:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51135
x-xss-protection
0
expires
Thu, 05 Aug 2021 16:33:02 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3388
date
Thu, 05 Aug 2021 15:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 05 Aug 2021 17:36:34 GMT
hotjar-2304105.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid=wis8ggh2qdjqf0i9i7jrk4ec&qze=3&aff_sub=IG22&aff_sub2=FTMG_ES_DAILY_ES-ART-005&aff_sub3=050821&aff_sub4=&tpsiteid=24220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:32:22 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
40
etag
W/511f279796452e0ecda5f92055ad75f8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
NDfoTAKbJPeFihyD-jAtUXBQXWyv4oXMZsRAMnZeefM53Ugn8QUgDg==
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
tag-18c0c42595158c9943ee0260eecc4fc3.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8009091158304029
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 12:22:27 GMT
server
gams1
etag
"610bd803-f3a3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62371
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC544E570C036CECFCB1FFD08DE107198&h=efd4065e53742d73702d19fd90ab7225&t=false&r=0.255064438588704
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Aug 2021 16:33:02 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1466197707&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1039730962.1628181181&tid=UA-192660002-1&_gid=1094384384.1628181181&gtm=2wg840MSK8GMG&z=803283850
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 22:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66282
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
event
tgfunnls.org/ 		0
0
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		0
0
settings.js
dev.visualwebsiteoptimizer.com/ 		572 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.26190589754128113&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-18c0c42595158c9943ee0260eecc4fc3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:33:02 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		0
0
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 9AEC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dev.visualwebsiteoptimizer.com
URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=181327631&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3Dwis8ggh2qdjqf0i9i7jrk4ec%26qze%3D3%26aff_sub%3DIG22%26aff_sub2%3DFTMG_ES_DAILY_ES-ART-005%26aff_sub3%3D050821%26aff_sub4%3D%26tpsiteid%3D24220&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=1311088915&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=60049091&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=897131506&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
cdn.pushcrew.com
URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=2068472237&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=1295041459&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=1479278165&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=765791219&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=1200485139&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=1156516971&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=132334631&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=1666333875&sr=1600x1200&ul=en-us&cid=673974121.1628181169&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181169&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe840&_p=95824197&sr=1600x1200&ul=en-us&cid=1039730962.1628181181&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628181180&sct=1&seg=1&en=page_view
Domain
tgfunnls.org
URL
https://tgfunnls.org/event?hitid={clickId}
Domain
script.hotjar.com
URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Domain
dev.visualwebsiteoptimizer.com
URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.3884718667809923
Domain
vars.hotjar.com
URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| s object| dataLayer number| settings_timer number| _vwo_settings_timer object| _vwo_code function| RegistrationFlow function| _ object| intlTelInputGlobals object| intlTelInputUtils object| tracker object| vttjs function| WebVTT string| AFKClickUrl object| container object| link object| google_tag_manager

11 Cookies

Domain/Path Name / Value
tgfunnls.org/ Name: c
Value: eyJpdiI6IkJVMTJOd01XY3hSXC9NR3lwYlkzWEl3PT0iLCJ2YWx1ZSI6IkJxRDFEMEZMWkVoMFwvbktPMGhqK1owekZsZXdlaGlnRE9PUTlKTHlUeGNZeWJZQVptN0syazUwSkhcL0dvOWNYNSIsIm1hYyI6IjVjOWRkNzE5NDU3OWIzYjFhY2I3MzNlYTU1ZTg4ZTFhZjNmZmNhMzMxNzQ0OGU5YmViOTE5NTBmMThkYzZmMmUifQ%3D%3D
.tgfunnls.org/ Name: _ga_Y6C8Y8V9BH
Value: GS1.1.1628181180.1.1.1628181181.0
tgfunnls.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IkVuMzRnWFhvSG55YXZaNzNmUmtoT2c9PSIsInZhbHVlIjoiUGRBMTFDSDBwY1lNRGJyOGlxZnhSN1BneVwvd0VoTXpUVmJ6VE9vZXo2cVJjNUhWQ09SdzdcL2txOVcxTXNzY0wyIiwibWFjIjoiN2NmZjM2MDgyM2E4OWFlNjdiZDliNzVkZjVhYmUzMzZmZDk0MzJlOGJlMjEyMjdmYzQwNWJiN2E0NTAwNzQ0NSJ9
.tgfunnls.org/ Name: _hjFirstSeen
Value: 1
.tgfunnls.org/ Name: _vis_opt_s
Value: 1%7C
.tgfunnls.org/ Name: _vis_opt_test_cookie
Value: 1
.tgfunnls.org/ Name: _ga
Value: GA1.1.1039730962.1628181181
.tgfunnls.org/ Name: _gid
Value: GA1.2.1094384384.1628181181
.tgfunnls.org/ Name: _gat_UA-192660002-1
Value: 1
.tgfunnls.org/ Name: _hjid
Value: 4a444d99-3c9f-4280-89f0-e080b31c123d
.tgfunnls.org/ Name: _vwo_uuid_v2
Value: DC544E570C036CECFCB1FFD08DE107198|efd4065e53742d73702d19fd90ab7225

2 Console Messages

Source Level URL
Text
console-api log URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js(Line 1)
Message:
Push notifications powered by Aimtell. Learn more at https://aimtell.com/developers
console-api error URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js(Line 1)
Message:
[aimtell] Browser does not support push

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pushcrew.com
dev.visualwebsiteoptimizer.com
in.bd44.fun
in.xr117.xyz
it.funin.digital
my.rtmark.net
pagead2.googlesyndication.com
planet2.digital
s3.amazonaws.com
script.hotjar.com
static-13333.kxcdn.com
static.hotjar.com
stats.g.doubleclick.net
t.fxtrading-info.com
tagdatax.com
tagdataxrt.com
tagstaticx.com
tgfunnls.org
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
cdn.pushcrew.com
dev.visualwebsiteoptimizer.com
script.hotjar.com
tgfunnls.org
vars.hotjar.com
www.google-analytics.com
108.128.72.146
13.224.96.104
13.224.96.118
13.224.96.91
139.45.195.8
18.195.123.247
18.195.174.160
2606:4700:3033::6815:3d08
2606:4700:3033::ac43:bc5b
2606:4700:3037::ac43:8a06
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c07::9b
2a0b:4d07:102::1
34.102.183.26
34.96.102.137
37.48.68.71
52.217.76.182
0355cc14bab476b0dd48a2a8003eb8a1de208838d6053db627cbe000b94dae74
045a17b5309a171cf381fb45ac24cb6edfc7913cc7d45a803cfdb71b8fa6d4a8
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b3efc2e3cfb587d2c1a24bbb6cac4d720964e8c288a7629896a6d0d6194d2e0
0d73a8d6e1b50216873fd17d01943c1500fef1de2f8d6c32eacd3828de06ebb0
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
11c803ac65f0445f6058cacb6a690f4772cef507be52622f2339def262bac4dd
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
143cfc4551d451c96f865f9981b81776fc7331d9123a098c39c833ae232e474e
16465b3b0b421fa648fe283387a5729156274e1fa0b14c2277816407eef4676f
1748109c3d884e5999c4cd98b021a90a6bd92dfb69ce509cea2f88272829ef7c
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
1aa6dadd8dca8ccedbcc0570be007111ae97c1e941f9a8f825dce28d3c5ccbf7
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee
1e9670293cc4d30ea9917a1e4cbe11432dd393127be940a803b487d87f1ae26a
2152bf5d624c7d7af03349c8e333b919ae8aa4beafc86e8cf6460b61d59ccc5c
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25da10f66e05aa24de502e97b9f26487fa76213406ea469ad6fbd61e4fff924d
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
2871f473e065e70c47fb2846b52439ab82217c9ab4629a1da687f09ea575154c
28c6fc5a5c7ad94ec73976a669da7eec3c1c646866e0b59211d59d886c5ae9b0
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78
2c3b444c42b67663aa050f5ce2a61415644b0f8442a655f8641732c8717faca8
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910
326f884245abd56f50b6ea9486480144413256243fdb81da3cfae7337ec452db
36aafe9da08d24d9d03164759d1f83487935fc68106c4506bb974ec423d08bf6
383a38eb3521213ce7fd1c6e601fe90e89a3d294c10fda4d89057757be653956
3955d42c321fbe81060b58a781977863d35a896c23098c8885c846ca6509dc8d
3a3fdda93c71d19438b22fb57873bd3dd2662a0f2b3993f9270388d11ef425ab
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
40fe9e8911daafa7d4f14f3f7302bee38429cd65ab185c28b2534d614a82f27c
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
451d97c9884e0defc1a912c31a9f7c9d6d0bb824223e6c61418ef9c2777fa367
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
478f7672809d30ff976c0e43e180a42b5055c76729ea2f570d4604fbec96ed1d
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
4b783818e7b30ce12f58bb89704956f488f4896443993a887837f7f366bdc7dd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53b71910b9b6e5814fb2b7f56bd3ea2f37d760c611d34c0501f479c0f826a63a
54464bb5949fbf30e01aee5770fa65c8a55470ffec48b94851dff7db47964974
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
5fc95639e3f639666460e3b42a0b67e46574bf93da66656c4ce61721fa799c16
62720bf79ec388c25e96b69f10900140ef5de448497af3bdac944bbb32ecefb2
655d9f3b2fc094b1cc4a4ccb83e662af7e5920bf77ac351a0b7911f02b26087f
67f840b94aa65d47e8c6b297c0748094d6bed1d8a6f0b6e6cfb7deb43b9052bf
6ba53dd2547c684e0b8a2d4f07acc1e9c9f1851aa396a05d3cda3d92110ce95e
6c4e8c09c0a3d443b2e459079fca22c162fc2e51ae11e888ee86442bd44c1b35
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634
71a2d0e2fea0181c1ce6144dd034e5da1a255ee5fbca4d5eb1561b9860b65e4d
71c1c5977183f8ec92aef984d221f6780c3058b532461c379bc95b1cac18b9e1
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
7ebf9aea91580923f108d8e9c9fa03581c3c58fcd1ab8712d4ed593fbde60062
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87aa8c6bb2611182a941d72bb0274339901da728624efd0ba60ee3d91c2f0a22
88589a3105395d8e9f05b61be662a99cf1ca5da9f72cbf0fe8716da8ef353a1e
8aa8a188debb8b2085b0682c467eedf72e7534c368ce34d12682a5cfc36e779e
8cdac7601623f54e7e7a20969eaf93ad8a178fcd75439a3b8698c02db20e5915
8d69907759dd859bbef65ad307912ce0213cd674b07a3a20d5826acfea05dc25
8e727458058d2c1195197b4b8a8657f697791a8609b1d517314dd7566cb1011f
8f251687ab05b7d73679860fce21c7f73f8dd9b01aa69b571e008861249878cc
90bd608ee2a9d4b953634b7a8d652231152773b6721b6af1a01fb167e9b2fc38
9276f9f18f7a3375aabb111e433fdbbe6e9b82ff92ec03e38f4fbad6d039abf2
94fbc851b11a53e0c5d9f8dd9567a2745061863a53dbbed54274006dee97f4c8
9721492034d54f527ac54c65aa9c66d79a2e3f0edf753d7040a3f3d49788ff12
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
a04c426bfe3c8fd89a6f464a986e5b6e40788b9b0071005c196ff53a0a26f129
a0f29f6eb73f917d6bb864e349dec5da3d133141437ef975af161e2690ffe1e9
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
a8d2b3e16237e33c3f6d393bf1e5764d75f1c6a58d4132c44d907f30a14fe275
a9c80b281cc1d2444016f906b5570f6a8d9e519b3f4d22f377162dec10aa4e85
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa0b0242cb6bb745f5021b266ddff12095a9d0e626fc32616151c6f91a83e402
ad29b579aa61cf926a61bfd83d384cd166af41bc042bc6aa4bd595bf40d3976a
ae7b5a78954bdfa4e4e0b90fe01ed2db172389cd13189d4d6dd011a91eb87e07
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
b0b38bfd020af6d1619b15a9a7642bcb8568072cf19b302e994838622e4f8a14
b1c5107eca2fe852ad12444d79f6c5411ec312c0d6b717c72843a8a896fd965f
b4d44ad5bc3c861564ae89e37e546cf1eb8f8ee1b8ecd21dd754b85128015e32
b6a6463b285c1fdc27b7022ff01564762e81117074a3f3781cc931fe389afc70
b8f60a107f90c6d0641c8e2926b61914b66d783aeb297c660b60dc47be50c430
bee88442c65c849f9f9d0b737473d469d59792592b28fa42cd257d6e1d105011
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
c0dcaa288d7443af6f7a2a7b649169a522483b98cfc69f6313b8d84ade42388c
c13b33a4e50ee85ae86ca4a24ea83afb9bc1d9ff46e3b088cbfaca3588aa09e1
c197a3c6150a5d97b2bbf573ea64f701a7dc8b070c41f9abe8c2715aa155f51c
c281534289b927590c5c7461288f0a406854993adcce2d8f98acb4fad5710c81
c4aa6629837d7279b1b5693bc1e6f5f10f690598250f80644eb0eb27c417fb69
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
c52f07c64331e4ba4ced4ae100a81c7ffa8fc6b87e5aa03178cdbea531bc6d07
c796e95c69f8c4d0c28b24b8f60df96ba0207cef3ee6c716847f823b0f3ccf9c
d2251a7b03f5e24e40ddbcbd526c5d6aa082443a8f57ad52b9b970fc17d31e9b
d2bbed3a1df3444a8be2a1dffe7ebe23b2561d6bb2a9ae30c765679b542ab661
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
da5c381aa8c72ee95024db25f3f54c5abfa61a9230cfe7716ff5e19b549a243c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56c9d927f289ae4217aedaeb0fc377be5825b5dde3d7356a060e51c8a2bd85b
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e77a3e5ff0540fd136302199a14031effb3688dcd81530f506e3753638b1920e
e85d4db1769e0c538d5b3d07ab40d6fc1b3da5885eac205225ce466276791f26
e8a665363deeceb06c9807ee73785b6ba99f3669e6479e56c00e8006c7a24e6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
f5a84a100cb4d5253d71a3af35b9ca6dad21b3dfd7fd18053935fa66cc6b0ffa
f8d14c868b11945d20f4a26d8d92a20a7fd6bec44f23bf3a318889b020d09197
f9398024e4fd49851a4ff32f6341c0901c68545b62d40b0389aaa1dd9d07dd1e
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856