dusty.c21resultsteam.com Open in urlscan Pro
44.240.57.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dusty.c21resultsteam.com/
Submission: On March 10 via automatic, source certstream-suspicious (March 10th 2023, 7:08:45 pm UTC) — Scanned from DE

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 105 HTTP transactions. The main IP is 44.240.57.64, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is dusty.c21resultsteam.com.
TLS certificate: Issued by R3 on March 10th 2023. Valid for: 3 months.

This is the only time dusty.c21resultsteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	44.240.57.64 44.240.57.64	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:829	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2600:9000:224... 2600:9000:2240:a600:c:7a7f:d040:21	16509 (AMAZON-02) (AMAZON-02)
2	52.216.29.52 52.216.29.52	16509 (AMAZON-02) (AMAZON-02)
3	65.9.66.120 65.9.66.120	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	52.218.201.26 52.218.201.26	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
5	35.169.178.236 35.169.178.236	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
12	99.86.4.5 99.86.4.5	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.190.25.25 35.190.25.25	() ()
105	22

6 44.240.57.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-57-64.us-west-2.compute.amazonaws.com

dusty.c21resultsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:829 (United States)

ASN13335 (CLOUDFLARENET, US)

js.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:2240:a600:c:7a7f:d040:21 (United States)

ASN16509 (AMAZON-02, US)

d2hnwe88wt837l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.29.52 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

yl-clients-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-120.fra56.r.cloudfront.net

perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.201.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

yl-malabar.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.169.178.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-178-236.compute-1.amazonaws.com

widgetbe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.4.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-5.fra6.r.cloudfront.net

api.perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.25.25 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	cloudfront.net d2hnwe88wt837l.cloudfront.net	644 KB
15	perfalytics.com perfalytics.com — Cisco Umbrella Rank: 38624 api.perfalytics.com — Cisco Umbrella Rank: 41938	144 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	233 KB
7	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 351 ajax.googleapis.com — Cisco Umbrella Rank: 305	251 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	21 KB
6	c21resultsteam.com dusty.c21resultsteam.com	511 KB
5	widgetbe.com widgetbe.com — Cisco Umbrella Rank: 119676	273 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6069	625 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	625 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 346	12 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	2 KB
3	amazonaws.com yl-clients-prod.s3.amazonaws.com — Cisco Umbrella Rank: 416209 yl-malabar.s3.amazonaws.com	52 KB
3	convertflow.co js.convertflow.co — Cisco Umbrella Rank: 41803 app.convertflow.co — Cisco Umbrella Rank: 48058	85 KB
2	mixpanel.com api-js.mixpanel.com	473 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3011	18 KB
105	17

	Domain	Requested by
30	d2hnwe88wt837l.cloudfront.net	dusty.c21resultsteam.com
12	api.perfalytics.com	perfalytics.com
11	www.googletagmanager.com	dusty.c21resultsteam.com www.googletagmanager.com perfalytics.com
6	maps.googleapis.com	dusty.c21resultsteam.com maps.googleapis.com
6	dusty.c21resultsteam.com	dusty.c21resultsteam.com d2hnwe88wt837l.cloudfront.net
5	widgetbe.com	dusty.c21resultsteam.com widgetbe.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com dusty.c21resultsteam.com
3	www.google.de	dusty.c21resultsteam.com
3	www.google.com	dusty.c21resultsteam.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com dusty.c21resultsteam.com
3	perfalytics.com	dusty.c21resultsteam.com perfalytics.com
2	api-js.mixpanel.com	cdn.mxpnl.com
2	www.facebook.com	dusty.c21resultsteam.com
2	app.convertflow.co	ajax.googleapis.com
2	connect.facebook.net	d2hnwe88wt837l.cloudfront.net connect.facebook.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	yl-clients-prod.s3.amazonaws.com	dusty.c21resultsteam.com
1	cdn.mxpnl.com	perfalytics.com
1	ajax.googleapis.com	js.convertflow.co
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	yl-malabar.s3.amazonaws.com	dusty.c21resultsteam.com
1	js.convertflow.co	dusty.c21resultsteam.com
105	23

This site contains no links.

Subject Issuer	Validity	Valid
dusty.c21resultsteam.com R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
perfalytics.com Amazon RSA 2048 M02	`2023-03-01` - `2023-10-10`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
widgetbe.com Amazon RSA 2048 M01	`2022-11-04` - `2023-12-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-18`	2 months	crt.sh
*.perfalytics.com Amazon RSA 2048 M01	`2023-02-24` - `2023-10-10`	8 months	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://dusty.c21resultsteam.com/
Frame ID: 35AD261D8188B6190341203C84532669
Requests: 97 HTTP requests in this frame

Frame: https://widgetbe.com/widget
Frame ID: 2042AE19AEF0C51F410A947581633F24
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Search

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

105
Requests

100 %
HTTPS

68 %
IPv6

17
Domains

23
Subdomains

22
IPs

3
Countries

2383 kB
Transfer

5876 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dusty.c21resultsteam.com/ 490 KB
59 KB 693ms
288ms Document
text/html 44.240.57.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 44.240.57.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-57-64.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: 2efaf80128e795bf79a2560fa74ed9a912002df9c833d8bb31d2fed13b4d22ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 10 Mar 2023 19:08:38 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 28791.js Show response
js.convertflow.co/production/websites/ 474 KB
83 KB 481ms
411ms Script
text/javascript 2606:4700:20::681a:829
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.convertflow.co/production/websites/28791.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:829 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8986388797222d6db48a4342c49ecc2d7b321ec416cfab1a92c33e2cd9929c9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
x-amz-version-id: uoo_UbPLJl36EOW.axtmF1.vlrWLw4SY
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D51JFT3D9021CK77
cf-polished: origSize=686614
x-amz-server-side-encryption: AES256
x-amz-id-2: d/leRwvOYUnDXSnZwJyMFqQH+JDZ1N1P5yNnq3RNSzKp2jtl+0jWUB1olroPe4q32np1GR1sP+NOvltKwDYvxA==
cf-bgj: minify
last-modified: Fri, 10 Mar 2023 00:09:58 GMT
server: cloudflare
etag: W/"fc99198be5d0b00bc16adaa108ea1c32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbAEE14F3OdJc5mJUhhZEt6pVvqDPgrvLPgc4oBuiKgcpHV5a7RN2cAHOcLHnn%2FuxCa1vm8RyIDpL2qu2fJ0PEE9jfxlsO1wyRxQTt5jKUhR4qWROKOoR6o4hk8oDzQE2vtEAn1LgLQSYKdZV%2BH%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=30
cf-ray: 7a5dd8f35c57bb7d-FRA

GET
H2 200 e21a1df206d433b102a1.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 966 KB
296 KB 113ms
50ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/e21a1df206d433b102a1.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d31eec2ccbed98adc9d9fac6464011833e123fd52b61fbb48d8f1ba7f750e1c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:47:28 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 84071
etag: W/"bda443863d23aed698cb5f2e86a78e0a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: RA1IYMlT3pp9hBV1HtBodbiosBAuwRBCvSIJ_WPT44Jr7QTMvbAi1A==

GET
H2 200 5ca88c9d8850822baf93.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 440 KB
111 KB 94ms
31ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5ca88c9d8850822baf93.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87d6a6a994c5354a20014745aee8fbc153e52bf5320ece5d2a1212ff65b3e9b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:47:28 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 84071
etag: W/"fd26d4e5c2cc0d264d856f141ef8cd34"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: -IBgRIQdE4Pabj0IZXg73_CY7FoCxWiG25DxieVit6u5d8cJNPJM9w==

GET
H2 200 3c4b90fb06f406220eed.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 3 KB
2 KB 113ms
50ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/3c4b90fb06f406220eed.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dea127d1a184ded7c443a0d60944a944904e7b6490c2b2f06420c2801704634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:56:41 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 17:53:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3719518
etag: W/"f952d6e678661b8a2fc7b355fb837588"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: tiFibynWWZAM5xA4pH83hS5zGM4YPw6E3zYcCq6EYeeMkKJ5-JzQlg==

GET
H2 200 a63e7c1bedf539997cdd.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 5 KB
2 KB 87ms
25ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/a63e7c1bedf539997cdd.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cef8a6dc87bc92626b848768f12cb14cc360fe8e589e7806ea67e4d149489fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:40:34 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 18:36:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1297685
etag: W/"4a403330d430e01d1870b32872c08ad0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: EQr3TRs3v-e9IHGYue3XIH4-39f_xC_v6a_BSn2wzrrgWhzQsU-THA==

GET
H2 200 9d0d5c162226cb0da1a2.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 5 KB
2 KB 86ms
23ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/9d0d5c162226cb0da1a2.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cccdd8a6d7a187002a9298580160f84231c4cd78ad665831a6551041b3cccd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:40:34 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 18:36:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1297684
etag: W/"4c73643c9258f0789cfba59059e02c7f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: 34PjDvrG56lt5JZTk_Nz2cywv4kYFsud1z-MWWMgKUn28O48HhHk4g==

GET
H2 200 3545e623119458b50c53.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 3 KB
1 KB 113ms
51ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/3545e623119458b50c53.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94aed2dba84c5fc8d8d25767d083df06c7f3c0332f7af580ec1d0b6a3dfcd847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:18 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83661
etag: W/"df34dad7b4fd4de29a98736ef67c8ccf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: MjEqLPACWfsZEn3bQHZqgeEA1KxQ8LG0mmNnbH1zVZAkvRVb4Lv4eg==

GET
H2 200 34d8c79a3957c2962b7c.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 8 KB
3 KB 88ms
26ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/34d8c79a3957c2962b7c.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d783ca3a08c742b09d02d3f06498bc58d467813291a4eb0ee6f23ea7b90126e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:18 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83661
etag: W/"0ed6ce91ebecc171d7aa746842ce405d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: jn2UfiZBHRNATYDQOaTUo86CsPG1VHOYKYDktKMJdl3tJVic5JZJaw==

GET
H2 200 5a5243f5b9554aea72fd.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 169 B
547 B 87ms
26ms Script
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5a5243f5b9554aea72fd.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5cf2b1effa29b87caae09f62470352b87e6f7c8e0c661daad25f44d1428aaf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:19 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83660
etag: "0d86e1b99155a30f3927013b77085c9c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 169
x-amz-cf-id: hNISQoPUIWgqq_G8RSv39OAHOWCApnhrqwsIIqftrotfAHRjGky2zg==

GET
H/1.1 200
OK 4310fd21-9933-49f8-8ad8-654293f98943Terry%20Swanson%20Header.png
yl-clients-prod.s3.amazonaws.com/ 26 KB
26 KB 368ms
123ms Image
application/octet-stream 52.216.29.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/4310fd21-9933-49f8-8ad8-654293f98943Terry%20Swanson%20Header.png
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.29.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2839dacab949e77b39bf40b76aa1cc7370f437996faed2a2734b7d7e7028a1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 19:08:39 GMT
Last-Modified: Wed, 01 Jun 2022 02:11:17 GMT
Server: AmazonS3
x-amz-request-id: B4FB6AE47KZE1GGX
ETag: "65aae67290dd1f4d68151e1dc3289137"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 26661
x-amz-id-2: KefptvkAPTzWWGVmgXQF69HnOydcxTD70EpLi6wSYXPJwAygDJcF54DcJFlw5XTkEKiWKnI37PE=

GET
H2 200 freshpaint.js Show response
perfalytics.com/static/js/ 111 KB
36 KB 95ms
30ms Script
application/javascript 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/freshpaint.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e3e5570293d6cff859e82f66a95ffa47cb162c95847191dbe0f6fd2e8caa673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:11 GMT
x-amz-version-id: xE_ftWG_.2dWA7kX.IVoqPNapzbJYvbY
content-encoding: gzip
last-modified: Thu, 02 Mar 2023 18:13:49 GMT
server: AmazonS3
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: W/"606b4e9415a2de2f62c1e353a2bf9ca7"
age: 28
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ERgAydJbFjDxp9EAn249IDQJhVoK2zeneELVaSnsnZCLLV6H8TtZHA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
78 KB 102ms
43ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd1b81a7ad769bd94220cb2e09513c9403aa1e0b174a7790b80fd88e7a29be7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79599
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Mar 2023 19:08:38 GMT

GET
H2 200 9887bd62a2599c4ef9ac.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
20 KB 154ms
151ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/9887bd62a2599c4ef9ac.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:11:43 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Mar 2023 19:07:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 345416
etag: W/"f423dd086b7e21e553a6321401e16855"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: QysWaiQMRFDpfxGsFhMBv4hBBSiWjxeqBWKE9NCwhnhlNPsOcCTdtA==

GET
H2 200 4dd833363c6bd7a2a8d9.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
50 KB 154ms
152ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/4dd833363c6bd7a2a8d9.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:11:43 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Mar 2023 19:07:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 345416
etag: W/"fae1c514c02b5c980256ff75d6a9b296"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: umW0PMQORaDKDgEZe4CwdgFlhoVVAF8yh_KFqLTIJL0dRlYacFWM1Q==

GET
H2 200 cd5b8c25930529fb540b.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
16 KB 170ms
167ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/cd5b8c25930529fb540b.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:11:43 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Mar 2023 19:07:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 345416
etag: W/"845e7babb297bebdeb3cad6e6150bd91"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: DKxDSKpasOGcEf0m6Xn5clG-eaophN96TbGOisf6e1r-7Nb47fuqdg==

GET
H2 200 f4eaace558edd8ee0fb3.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
4 KB 162ms
160ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/f4eaace558edd8ee0fb3.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:47:28 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 84071
etag: W/"f19b1be6a8d33a902eead5d9206f1447"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: eeOtTqQGmN024UWOcu_X43-jtY8D2YFUtDC8BcifP4ZVWPTpI_JqIw==

GET
H2 200 e2871fdc633c3bb35b60.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
28 KB 173ms
171ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/e2871fdc633c3bb35b60.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:47:28 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 84071
etag: W/"be11ce72a2ba81793b0871e65f48d9b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: -GKcNsxTLnnHRAaTW_YxSXlm3Q5YN8BxDEhJTRkhGhBJZK1ylFhw3Q==

GET
H2 200 32c029a346eebb96b431.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
14 KB 159ms
157ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/32c029a346eebb96b431.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:47:28 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 84071
etag: W/"8bef61535f2fceaaac85d2b4e045b7e8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: hQYdeRdPpG55hym6Ey9-epLD0e-Lmo2bj9Ffm8SF_nD-aCCeH6HNQA==

GET
H2 200 19be4d9971037edea463.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
3 KB 179ms
177ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/19be4d9971037edea463.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:47:28 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 84071
etag: W/"cc0ab51140b369f771614ef66d8805dc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: mYUbEpqp4sGj_M1D_g91bh3r7A5a5u3-QBplCS-H6QcyAuqzikAbcQ==

GET
H2 200 5653286c4fd39fb4e920.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
10 KB 176ms
174ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5653286c4fd39fb4e920.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 09:59:55 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 18:51:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 378870
etag: W/"3988461ad7ad0029ce09460d63a17539"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: GMtPctcb72YOuzAL2M6vyjyrub5rtgROkp9Iih9m8Xtz-Lh7uoAmkA==

GET
H2 200 a40399cb8ee449dbbc25.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
12 KB 183ms
181ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/a40399cb8ee449dbbc25.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:53:20 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83719
etag: W/"1e7043e3f226c8e907f7f83549ffd1ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: TWwij7gJhttpF7dwPYLeg8jV9oaPpjT-_ezp31luoR5_g2izrC8iPg==

GET
H2 200 a63e7c1bedf539997cdd.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
2 KB 155ms
153ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/a63e7c1bedf539997cdd.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:40:34 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 18:36:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1297685
etag: W/"4a403330d430e01d1870b32872c08ad0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: XBoD6pKIgCWSCZghNtWcSQvu_ZSlgRaaCdaSdPHJ1AJ5Qsvrln8V0w==

GET
H2 200 9d0d5c162226cb0da1a2.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
2 KB 156ms
154ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/9d0d5c162226cb0da1a2.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:40:34 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 18:36:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1297684
etag: W/"4c73643c9258f0789cfba59059e02c7f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: a0PreMKtel8uPPfINf9kO5T9gz1Knd-PjVOo_Cdg4aSTYY1sORo-Pw==

GET
H2 200 ee71c54fef40f2f92882.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
40 KB 188ms
187ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/ee71c54fef40f2f92882.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:18 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83661
etag: W/"ab3f14261923cecab606a47073efc446"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: TsqgdG47s8JErFomFO-2eC8LSuEyWOO1LWO3jDTvFDqxFYxTvSeTUg==

GET
H2 200 3545e623119458b50c53.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
1 KB 156ms
154ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/3545e623119458b50c53.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:18 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83661
etag: W/"df34dad7b4fd4de29a98736ef67c8ccf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: XwvXlfCal807uehT_n-0_vtqvRxLVWcQN9M17Yi8zRwyRBUU8zVZHQ==

GET
H2 200 34d8c79a3957c2962b7c.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
3 KB 156ms
155ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/34d8c79a3957c2962b7c.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:18 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83661
etag: W/"0ed6ce91ebecc171d7aa746842ce405d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: 3LLatzwBdjAXHiTrgctOOPB3xVuwPrLI_7D9wpK6oOS0GIB_5K_4cA==

GET
H2 200 f6fbc7fec8b00982a4a9.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
2 KB 190ms
189ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/f6fbc7fec8b00982a4a9.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:19 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83660
etag: W/"e11207e27338603ce1b7343e88d1ca66"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: hl65VoUqaxDl493KFF9iJl8VFI-qqQXzzYn7Uz3EMo-zkbchxGRi6Q==

GET
H2 200 1894a7ad5ae98e0c975b.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
4 KB 191ms
190ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/1894a7ad5ae98e0c975b.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:51:06 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83853
etag: W/"f759705e5c722c13aa9617b21ecf0836"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: oVf6NNPjqliaj8EAYo0OvrKJU5K9v9DuaXiqMkfjPqpW9u-ml5pInQ==

GET
H2 200 5a5243f5b9554aea72fd.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
548 B 157ms
156ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5a5243f5b9554aea72fd.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:54:19 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 19:43:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83660
etag: "0d86e1b99155a30f3927013b77085c9c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 169
x-amz-cf-id: GC5ApfD4BnRHNGWZHyhYkUXJzXDk1-7iZ-jQcyP_fzXG_sWW-L60mw==

GET
H2 200 a7baa64faec1d11caf75.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
2 KB 195ms
193ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/a7baa64faec1d11caf75.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:40:34 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 18:36:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1297685
etag: W/"97aa6d94143aa180806b9c3cf62e0922"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: n4t8TIO1hnV-80RdkpQfyKaGSZn-Jj82ancHGdhrNxKIaoU6lq0eyg==

GET
H2 200 bff5a17848c1c3ca2e92.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
2 KB 208ms
207ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/bff5a17848c1c3ca2e92.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:40:34 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 18:36:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1297685
etag: W/"89aa5f0ba4d23ef932742078a6813055"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: i1jpLU-Ox4GNWWDnJxL4MqTXiAYMjaT5AruaH2PguUAvguWfDKQRkg==

GET
H2 200 08b2188b499f06c1505f.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
1 KB 209ms
208ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/08b2188b499f06c1505f.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:56:41 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 17:53:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3719518
etag: "f153c78d839388c3565b7f6afd151fb7"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 674
x-amz-cf-id: 7_IITM1EVMFfzDOig6U3FXbjwogM2SQtqTgfoy7hINCI6RGtjsQE4w==

GET
H2 200 3c4b90fb06f406220eed.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
2 KB 205ms
204ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/3c4b90fb06f406220eed.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:56:41 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 17:53:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3719518
etag: W/"f952d6e678661b8a2fc7b355fb837588"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: AcEdJOnzCaJbQOO1ycAfJ6ZNs751PuLaC8PkOojSO36auC6lV8364w==

GET
H2 200 22eae17ed4a873a65b0c.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
6 KB 211ms
209ms Other
application/javascript 2600:9000:2240:a600:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/22eae17ed4a873a65b0c.js
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a600:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:40:35 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 18:36:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1297684
etag: W/"83c8cffb881fa0486cf16b86a19c07ac"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: 7I_TkVwkIM4mKSiTmhQb10eNC0M1XHTb4s5tY034xu0ylC8anPzMoQ==

GET
H/1.1 200
OK home-hero-sm.jpg
dusty.c21resultsteam.com/assets/images/ 389 KB
390 KB 1778ms
384ms Image
image/jpeg 44.240.57.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dusty.c21resultsteam.com/assets/images/home-hero-sm.jpg
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 44.240.57.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-57-64.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 8b2e6056077d418b180e15faefddef44ed0774dda607d40e16da50ad6ab273fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
last-modified: Thu, 09 Mar 2023 19:07:45 GMT
etag: W/"614cc-186c7c5a7e8"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 398540

GET
H/1.1 200
OK open-sans-500.woff
dusty.c21resultsteam.com/assets/fonts/ 20 KB
21 KB 790ms
395ms Font
font/woff 44.240.57.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dusty.c21resultsteam.com/assets/fonts/open-sans-500.woff
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 44.240.57.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-57-64.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 60cae4613964231b7536e02ed12711d7580b84de426cdac5a13ff57cc5bdd80c

Request headers

Referer: https://dusty.c21resultsteam.com/
Origin: https://dusty.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
last-modified: Thu, 09 Mar 2023 19:07:45 GMT
etag: W/"512c-186c7c5a7e8"
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 20780

GET
H/1.1 200
OK open-sans-300.woff
dusty.c21resultsteam.com/assets/fonts/ 20 KB
21 KB 767ms
196ms Font
font/woff 44.240.57.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dusty.c21resultsteam.com/assets/fonts/open-sans-300.woff
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 44.240.57.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-57-64.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 0492eed13f4292bcf2f9f412d3edb5451df8f57a3d3647122c34b212e5145311

Request headers

Referer: https://dusty.c21resultsteam.com/
Origin: https://dusty.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
last-modified: Thu, 09 Mar 2023 19:07:45 GMT
etag: W/"5114-186c7c5a7e8"
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 20756

GET
H2 200 b6bc3e1a-cd18-40ec-a7f6-45bc74e949c4 Show response
perfalytics.com/event-definitions/ 102 KB
10 KB 391ms
339ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/event-definitions/b6bc3e1a-cd18-40ec-a7f6-45bc74e949c4
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10737d0b323ce48445b974eedde4b4fd3de6ba62c806acbcf171e74cd21124d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
x-amz-version-id: H_sLq_lOyCnALxO2Y1VFZMnVoe5Gzfa.
content-encoding: gzip
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
last-modified: Thu, 19 Jan 2023 02:22:26 GMT
server: AmazonS3
etag: W/"b735557f9d9cddc2d5f6e45493d6eafa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60,s-max-age=60
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Km7niw3fapoMLUR3iQJ_TE3nrwlJFPy-15aZhPEpDM0p9wHAFX_RDg==

GET
H/1.1 200
OK 6e0e53aa-7325-4736-8849-ae36467ee6e0Terry%20Swanson%20Footer.png
yl-clients-prod.s3.amazonaws.com/ 9 KB
9 KB 445ms
168ms Image
application/octet-stream 52.216.29.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/6e0e53aa-7325-4736-8849-ae36467ee6e0Terry%20Swanson%20Footer.png
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.29.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdd894a880fc6a1e02be92294a826468035ff8903d745f26d12e9fd6904b183d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 19:08:39 GMT
Last-Modified: Wed, 01 Jun 2022 02:11:17 GMT
Server: AmazonS3
x-amz-request-id: B4F8HKBKD7BYXADM
ETag: "f15fe81013b81939238c9729720c7d8d"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 8881
x-amz-id-2: SJ8CYibYItkGHsYQdWjoeJvd0gpbplDVc4VKLUkay32vg+ToSf42r1xaQm1Zt//NiZDwMMgnAqk=

GET
H/1.1 200
OK equal-housing-opportunity-black.png
yl-malabar.s3.amazonaws.com/public/default/ 16 KB
17 KB 635ms
214ms Image
image/png 52.218.201.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-malabar.s3.amazonaws.com/public/default/equal-housing-opportunity-black.png
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.201.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 020128690cd24615097c8780352468db0ae5363c88c3a56f9c901ae34a5babb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 19:08:39 GMT
Last-Modified: Mon, 28 Sep 2020 18:12:54 GMT
Server: AmazonS3
x-amz-request-id: B4FECXN705CE4S5K
ETag: "d4fea226514feb24c4f0f5df1828ebdd"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16661
x-amz-id-2: 5+/S9VLZpHHOpj9SD2IIW2iKukFhXSisSJw1Y0VrG1reI/Xfn/Gaft+YF34bvD+K5jbL2wEwmAo=

GET
H/1.1 200
OK open-sans-400.woff
dusty.c21resultsteam.com/assets/fonts/ 20 KB
21 KB 1160ms
391ms Font
font/woff 44.240.57.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dusty.c21resultsteam.com/assets/fonts/open-sans-400.woff
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 44.240.57.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-57-64.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 22459e1de13b29a9997c47434287b7b07bcd58013dc71c6fa14637b0d46d469c

Request headers

Referer: https://dusty.c21resultsteam.com/
Origin: https://dusty.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
last-modified: Thu, 09 Mar 2023 19:07:45 GMT
etag: W/"50e8-186c7c5a7e8"
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 20712

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
23ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Mar 2023 18:14:48 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3230
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Mar 2023 20:14:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976173502/ 2 KB
2 KB 127ms
66ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976173502/?random=1678475318428&cv=11&fst=1678475318428&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdusty.c21resultsteam.com%2F&tiba=Home%20Search&auid=1039737551.1678475318&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3caa52352b7b5f61629ace2744d8f85da0a41d46c11d4f7870ba0150b41b1038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1180
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 164ms
91ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 10 Mar 2023 19:08:38 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DBA07F8F2A25423A9948D93D0603F592 Ref B: FRAEDGE2007 Ref C: 2023-03-10T19:08:38Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-773L8LSMPJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ea089c3da6da0b3d726e22ff4cdfcb6ed44c81e2a9f0d2ac9dfa21a751b8c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Mar 2023 19:08:38 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 36ms
35ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&tc=19&dl=dusty.c21resultsteam.com%2F&tdp=GTM-T3VB2GG;13161746;0;0;0&z=0

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 td
www.googletagmanager.com/ 0
128 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&tc=19&dl=dusty.c21resultsteam.com%2F&tdp=GTM-T3VB2GG;13161746;0;0;0&z=0
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 54ms
53ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tc=19&z=0

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 103ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-773L8LSMPJ&gtm=45je3360&_p=964859318&cid=86288773.1678475319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678475318&sct=1&seg=0&dl=https%3A%2F%2Fdusty.c21resultsteam.com%2F&dt=Home%20Search&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-773L8LSMPJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dusty.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 31ms
31ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAACCA&h=Ag&tc=19&tr=1gclidw.1gaawc.1paused.1ua.1sp.1baut.5gclidw.5gaawc.6paused&ti=1gclidw.1gaawc.1paused.1ua.1sp.2baut.1gclidw.1gaawc.1paused&z=0

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 30ms
29ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=964859318&t=pageview&_s=1&dl=https%3A%2F%2Fdusty.c21resultsteam.com%2F&ul=en-us&de=UTF-8&dt=Home%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1283808320&gjid=617147259&cid=86288773.1678475319&tid=UA-58311306-5&_gid=1609934793.1678475319&_r=1&_slc=1&gtm=45He3360n81T3VB2GG&cd1=v2&z=2121545198

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dusty.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/976173502/ 42 B
455 B 94ms
39ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976173502/?random=1678475318428&cv=11&fst=1678474800000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdusty.c21resultsteam.com%2F&tiba=Home%20Search&fmt=3&is_vtc=1&random=3641847128&rmt_tld=0&ipr=y

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/976173502/ 42 B
455 B 134ms
78ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976173502/?random=1678475318428&cv=11&fst=1678474800000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdusty.c21resultsteam.com%2F&tiba=Home%20Search&fmt=3&is_vtc=1&random=3641847128&rmt_tld=1&ipr=y

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 97ms
30ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58311306-5&cid=86288773.1678475319&jid=1283808320&gjid=617147259&_gid=1609934793.1678475319&_u=YADAAEAAAAAAACAAI~&z=1568259946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Mar 2023 19:08:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dusty.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 agent Show response
widgetbe.com/ 78 KB
78 KB 481ms
223ms Script
application/javascript 35.169.178.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/agent
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.178.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-178-236.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: 23ce9b76e15ab7d4456581c8e2ca64ab0b1f9f3b261423652437c6517ae6fa9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 170 KB
56 KB 101ms
22ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

fbcbff87ae9d92eb37e738b45109f82aba1488be98035170ab7e685e374263c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:03:06 GMT
content-encoding: gzip
server: mafe
age: 332
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56902
x-xss-protection: 0
expires: Fri, 10 Mar 2023 19:33:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 94ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5ca88c9d8850822baf93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Mar 2023 19:08:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: u1f47UVi74tYxcn+91Quowll1vTpZ8SBFLjIX/ccxvPCFpFbGIx3DkD8FcYDZL+r/JZJYZbNij2FQhdPzWPF2A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK activity Show response
dusty.c21resultsteam.com/api/1.0/person/ 15 B
617 B 630ms
207ms Fetch
application/json 44.240.57.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dusty.c21resultsteam.com/api/1.0/person/activity
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5ca88c9d8850822baf93.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 44.240.57.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-57-64.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
credentials: same-origin
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:39 GMT
etag: W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dusty.c21resultsteam.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
connection: close
content-length: 15
expires: -1

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 39ms
38ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=gtm.scrollDepth&eid=8&u=AAAAAAAIAAAAACCA&h=Ag&tc=19&z=0

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 49ms
47ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=86288773.1678475319&jid=1283808320&_u=YADAAEAAAAAAACAAI~&z=538302131

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=86288773.1678475319&jid=1283808320&_u=YADAAEAAAAAAACAAI~&z=538302131

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5561391.js Show response
bat.bing.com/p/action/ 0
135 B 135ms
135ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5561391.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 10 Mar 2023 19:08:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E751C0EBA3134FEEB2E93E0E121CBC42 Ref B: FRAEDGE2007 Ref C: 2023-03-10T19:08:38Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 49ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5561391&Ver=2&mid=98456a16-2931-4fea-870a-2e516b5afafa&sid=f6ef2240bf7611edaf9cddafd1b28178&vid=f6ef0e30bf7611edbe6c6762217b3eb0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20Search&kw=Home%20Search&p=https%3A%2F%2Fdusty.c21resultsteam.com%2F&r=&lt=1100&evt=pageLoad&sv=1&rn=21046

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Mar 2023 19:08:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2A6CB050DCD74FE4B531E981B5C8203C Ref B: FRAEDGE2007 Ref C: 2023-03-10T19:08:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 32ms
32ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=gtm.dom&eid=9&u=AAAAAAAIAAAAACCA&h=Ag&tc=19&z=0

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: js.convertflow.co
URL: https://js.convertflow.co/production/websites/28791.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:06:26 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 76ms
31ms XHR
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dusty.c21resultsteam.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 integrations.js Show response
perfalytics.com/static/js/ 387 KB
94 KB 28ms
28ms Script
application/javascript 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/integrations.js
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46fa0164da3459946b34afb89c6189b8164727a3a2dd6f2bffc2ade09663fcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:09 GMT
x-amz-version-id: vy8YBJyHh3YdSxs1zcx5.F53Z1LNuBia
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 14:49:49 GMT
server: AmazonS3
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: W/"44227cff6f42b81f9be75e88d2c0bdf2"
age: 30
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dgvyf8VNtzPCR0rZcsJvaydfFcY6MW9Z2f-VMic4G3wCvpAie-XPIg==

GET
H2 200 836151066530211 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836151066530211?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf7db68baef0311680595413d95590348da7266ae26f872e7bdf29e2c231ee54

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Mar 2023 19:08:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110560
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2j84bhpSCW1uRsltM3ODh3Td5MFVpi5FwzYnBunQ72U67PPks0jWuZe6tdkcP+p6P1LCEQI2ZkarvBYsQ+DI+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 99e0b2f7-3004-489b-8e4e-efe2a621c87f Show response
app.convertflow.co/websites/28791/visitors/ 266 B
968 B 325ms
303ms Script
text/javascript 2606:4700:20::681a:829
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/28791/visitors/99e0b2f7-3004-489b-8e4e-efe2a621c87f?callback=jQuery36106648296902513569_1678475318945&visitor%5Bwebsite_id%5D=28791&visitor%5Bvisitor_token%5D=99e0b2f7-3004-489b-8e4e-efe2a621c87f&visitor%5Bcontact_id%5D=&visitor%5Blanding_page%5D=https%3A%2F%2Fdusty.c21resultsteam.com%2F&visitor%5Bplatform%5D=Web&new=true&_=1678475318946

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:829 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cafade4baa9fc706c23ab1d562dd69919ec9f9c0fb92d923e70ec8c9090df68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 vegur
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 99272971-b65a-4e92-a970-fc5d23353368
x-runtime: 0.004861
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2cafade4baa9fc706c23ab1d562dd699"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqMUEU4QmfLXUwgbDkPAI1eWjYEOJdIFHWcrvwYkKcnkaq0DJYyesR6s6iXp2uxFjPeA7Nc9F9iQQ3oh%2BH%2FPPulc6E2jKz5TyW%2FILKDN6d1ajdRzjjGcxWSPrCMsoOIg6xI%2FemNPT3zrrqXLxbkcPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 7a5dd8f7aceabb7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 520ms
445ms Preflight
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dusty.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Fri, 10 Mar 2023 19:08:39 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-apigw-id: BlD4tEMdvHcFp6g=
x-amz-cf-id: gYeNLfLIl9q2hBxKg_VBSyh6bq57AY5mUv1l6CNX0xT52PBpXXwMpA==
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: ec61f255-ec71-4879-80b6-a378b3ef36ff
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 519ms
446ms Preflight
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dusty.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Fri, 10 Mar 2023 19:08:39 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-apigw-id: BlD4tEMWPHcFf6w=
x-amz-cf-id: WAvAozFPX66hHPi3hh2yuHRZb6xz4kDZOeq3Y18Bu4wDMQLK66XoZQ==
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 91fea3da-e1e2-4821-8f53-e3f24270049f
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 510ms
452ms Preflight
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dusty.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Fri, 10 Mar 2023 19:08:39 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-apigw-id: BlD4tHLyvHcFzYg=
x-amz-cf-id: X-754hD6fyA-iPsyFKNQnAT0fZb3BF0vOzvXKGQjkljoe8w9A7YHEQ==
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 736ed6a2-c363-4458-86ae-9e03fef13567
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 224ms
171ms Preflight
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dusty.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Fri, 10 Mar 2023 19:08:39 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-apigw-id: BlD4rG6hvHcF2SA=
x-amz-cf-id: Y4XL6rFuwLPKuqVM2bg6vGXDLSe4BzAbt8bdLu2JLUqZPMNRskvUsg==
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 3a109a98-09b3-4269-9ddf-4a7121ddd52a
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 504ms
455ms Preflight
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dusty.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Fri, 10 Mar 2023 19:08:39 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-apigw-id: BlD4tGyyvHcFafg=
x-amz-cf-id: h3UtzMk4-gS6Qehua9xNg1AiVVNl4mqcI7pjsUEsqCTlzIMETCC2jA==
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 0c5b3c5e-a27a-453c-a706-b6c24075451e
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 487ms
447ms Preflight
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dusty.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Fri, 10 Mar 2023 19:08:39 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-apigw-id: BlD4tHVCvHcFQqA=
x-amz-cf-id: fCdNbzkw5kdBEMgeufEsHQzVjY742x8gGK1WOrxXURY5iQn67_TE8Q==
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: f2201d26-47d9-4d4e-a6b3-9db8d407d358
x-cache: Miss from cloudfront

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
651 B 612ms
609ms XHR
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash: b53c319f658fbc88bd74b76630ac0b717fb5c5cdf94f98825732841ff4a62271

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 19:08:40 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 86384269-44f2-45f9-adb9-211a7b3b1c64
x-amzn-trace-id: Root=1-640b8038-0dbe1dc72d498ad65bf86c37
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: BlD4zFi7vHcFmZg=
content-length: 133
x-amz-cf-id: aqauwd4YEwsxCHfO4Lb-MQso_5nqB1380utigK8SSQ8JXC1JjCi2Yg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
654 B 601ms
601ms XHR
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash: 4887c8556b38344e824825bfcc921c33b38a56dd5776d334af25bb8017de7682

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 19:08:40 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 50723e7f-88be-4daf-a3f4-2e70f73abc8b
x-amzn-trace-id: Root=1-640b8038-7b6683b54cac8f8810df274f
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: BlD4zGBEvHcFVzg=
content-length: 133
x-amz-cf-id: FXHi2QjN3AR8kXFvZR5PKDwaOSjSMx05eNhDrFj_Lt3hzr7CPJzoCA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
653 B 611ms
610ms XHR
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash: 167c8488ef506620e6d714d2869fd0a9af5c0831b81b3139cb113960de4aba38

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 19:08:40 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: d7fef11a-1637-49ff-976a-ae495ef6e67b
x-amzn-trace-id: Root=1-640b8038-6da4b746782e82ed2cccf291
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: BlD4zGfmvHcFjhQ=
content-length: 133
x-amz-cf-id: Z3IrOgzbksMvXO-nIWqX1vroMRYVhYMZT4YA7ddcwJrX9OH5SzDAKQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
652 B 453ms
453ms XHR
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash: 15cc05404943541ed565973a4560ec1252b1e9808c9bb4b5ca25d4ef06483536

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 32c28d7e-303f-427d-bcbd-c1d6e8df3f08
x-amzn-trace-id: Root=1-640b8037-73bd879959cf47ba44829e3d
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: BlD4vEriPHcF1Gg=
content-length: 133
x-amz-cf-id: hB-skMJFfHAbYfsenJgrAw6LlCVAm5UL-6hjrbPk6eyhBfSOeR777Q==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
651 B 619ms
618ms XHR
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash: 9461a9bb1035ab1e78d2dfc75e4748ed8fb8b740494c591fb9470cae73bcde1f

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 19:08:40 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 761b9826-3854-417e-b46a-d482af0a4181
x-amzn-trace-id: Root=1-640b8038-5995dbb3006b8d454e6323ad
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: BlD4zHYxvHcFl8g=
content-length: 133
x-amz-cf-id: iLWHxhK_bQ3nnPz084UiNH6U8iUOGce_e3yDlj-1m_jMFKAPmpaLtA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
653 B 608ms
608ms XHR
application/json 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: /
Resource Hash: 69f1eb6fdb6aaf4afefccbb9fd6bfe7f02e590b622fb3177da147bb45acdd80d

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 19:08:40 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 4cf74bf9-5d7e-4ee0-9937-85312dea7a53
x-amzn-trace-id: Root=1-640b8038-6e81baa556ecbb914ac3f9a9
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: BlD4zF_kPHcFTkQ=
content-length: 133
x-amz-cf-id: EzyFc6z8wa18hFQ-j82ik6lb_1wX0jICxO9RPCNZTsJ_cuE-h9hv_w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
78 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG&l=dataLayer

Requested by

Host: perfalytics.com
URL: https://perfalytics.com/static/js/integrations.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d9693df1b7ba0f4b20ccd40e9c2095895eaed2b34f855213b3c827b0a3a1239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79601
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Mar 2023 19:08:39 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 85ms
24ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/integrations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:05:15 GMT
content-encoding: gzip
age: 204
x-guploader-uploadid: ADPycdu8b_bgkU6udDVA8IAcGpjmiBW36SyTjE0TfP7uhvbi_TveUAw01ia0VjhszxplcMSlIURPRB8mH_omcUczl6RBqI1DqZwp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-generation: 1645129310876382
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
expires: Fri, 10 Mar 2023 19:15:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 105ms
26ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836151066530211&ev=PageView&dl=https%3A%2F%2Fdusty.c21resultsteam.com%2F&rl=&if=false&ts=1678475319109&sw=1600&sh=1200&ud[external_id]=90ace4449279d6194a572fe9706b4cb9e70d7a9c24a42b1f5fd81d019b10f39c&v=2.9.98&r=stable&a=seg&ec=0&o=30&cs_est=true&fbp=fb.1.1678475319100.607512660&it=1678475318918&coo=false&rqm=GET

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Mar 2023 19:08:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
32ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=964859318&t=pageview&_s=1&dl=https%3A%2F%2Fdusty.c21resultsteam.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Search%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAHAAEABAAAAACgCIAB~&jid=152037143&gjid=1212400074&cid=86288773.1678475319&tid=UA-58311306-5&_gid=1609934793.1678475319&_r=1&z=1831532717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dusty.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 76ms
76ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=964859318&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdusty.c21resultsteam.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Search%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Home%20Search%20Site%20Page&ev=0&_u=aAHAAEABAAAAACgCIAB~&jid=&gjid=&cid=86288773.1678475319&tid=UA-58311306-5&_gid=1609934793.1678475319&z=842176469

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 16:50:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8275
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/4/ 270 KB
67 KB 39ms
31ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/4/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001bd3df7559b26ba3f93afd10a8b07e2718f2396ca1a2b61387445fa4eab8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 14:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68395
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 03:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Mar 2024 14:33:13 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/4/ 158 KB
55 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/4/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d72dd7c18159ee3b4f8d7c99ffcf23b51f794babf5ed35318bc7e34eed8ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56051
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 03:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Mar 2024 18:14:08 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/4/ 90 KB
26 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/4/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17113095def0e0279e6d5ad0c0b221ae5acef81e34324cec3c816c48d42a3e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:49:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26330
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 03:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:49:20 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/4/ 47 KB
17 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/4/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61b98764ac1d94f2d83fb26173f4c7abd3628166bd06441ca78ce3ef1ad59cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:49:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16895
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 03:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:49:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 32ms
31ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58311306-5&cid=86288773.1678475319&jid=152037143&gjid=1212400074&_gid=1609934793.1678475319&_u=aAHAAEABAAAAACgCIAB~&z=640443086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Mar 2023 19:08:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dusty.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=86288773.1678475319&jid=152037143&_u=aAHAAEABAAAAACgCIAB~&z=1232489038

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
46ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=86288773.1678475319&jid=152037143&_u=aAHAAEABAAAAACgCIAB~&z=1232489038

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 config Show response
widgetbe.com/ 206 B
540 B 398ms
170ms XHR
application/json 35.169.178.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/config
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.178.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-178-236.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: cb676184a6d6cc08d744aba59b29d4072ebcbf934cb77a42039bffca6a34d353

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 create Show response
app.convertflow.co/websites/28791/events/ 74 B
442 B 125ms
124ms Script
text/javascript 2606:4700:20::681a:829
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/28791/events/create?callback=jQuery36106648296902513569_1678475318945&event%5Bevent_type%5D=Visit&event%5Bvisitor_token%5D=99e0b2f7-3004-489b-8e4e-efe2a621c87f&event%5Burl%5D=https%3A%2F%2Fdusty.c21resultsteam.com%2F&event%5Bwebsite_id%5D=28791&event%5Bdata%5D%5Btitle%5D=Home%20Search&_=1678475318947

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:829 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd96eef56b2830a22356622de8a4511b4afcd52b9a75f5cbfe882cb212b9ff4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 vegur
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: ec678ef8-e426-42b0-a7bf-0db6a3db9576
x-runtime: 0.004710
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fd96eef56b2830a22356622de8a4511b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vI2xik8KAO6pQwXk9nYQMAWDV%2Fr2Mi4oU6vonjV%2FNSnHZl7XGQAl90oXA7%2BcJWnUT%2ByHIzMjdk3%2Bwr3aRjOYNwbX1Fzm85GtrlynHMUZ%2F2Xe4N6TDZLFg%2FHbhIlmS9aL%2FyRDeQUrdy8rHb0vcNc4%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 7a5dd8faaa10bb7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
23ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836151066530211&ev=Microdata&dl=https%3A%2F%2Fdusty.c21resultsteam.com%2F&rl=&if=false&ts=1678475319612&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20Search%22%2C%22meta%3Adescription%22%3A%22Home%20Search%20and%20latest%20real%20estate%20listings.%20%20Find%20your%20perfect%20home%20with%20us!%22%2C%22meta%3Akeywords%22%3A%22Home%20Search%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Home%20Search%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdusty.c21resultsteam.com%3A443%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fyl-clients-prod.s3.amazonaws.com%2F4310fd21-9933-49f8-8ad8-654293f98943Terry%2520Swanson%2520Header.png%22%2C%22og%3Aimage%3Awidth%22%3A%22600%22%2C%22og%3Aimage%3Aheight%22%3A%22450%22%2C%22og%3Adescription%22%3A%22Home%20Search%20and%20latest%20real%20estate%20listings.%20%20Find%20your%20perfect%20home%20with%20us!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=90ace4449279d6194a572fe9706b4cb9e70d7a9c24a42b1f5fd81d019b10f39c&v=2.9.98&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1678475319100.607512660&it=1678475318918&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Mar 2023 19:08:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 widget Show response
widgetbe.com/ Frame 2042 173 KB
173 KB 120ms
120ms Script
application/javascript 35.169.178.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/widget
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.178.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-178-236.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: ceddedcc2f5152f4ebdfee4d9e381bad6f4666273ee1bfb44e296827e0561e65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

POST
H2 200 pages Show response
widgetbe.com/ 0
325 B 156ms
155ms XHR
text/html 35.169.178.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/pages
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.178.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-178-236.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
content-length: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 34ms
34ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=*&eid=11&u=AgAAAAAIAAAAACCA&h=Ag&tc=19&z=0

Requested by

Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:39 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 proximanova-regular-webfont.woff2
widgetbe.com/fonts/ Frame 2042 21 KB
21 KB 117ms
116ms Font
application/octet-stream 35.169.178.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/fonts/proximanova-regular-webfont.woff2
Requested by: Host: dusty.c21resultsteam.com
URL: https://dusty.c21resultsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.178.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-178-236.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 /
Resource Hash: b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795

Request headers

Referer: https://dusty.c21resultsteam.com/
Origin: https://dusty.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 19:08:40 GMT
last-modified: Mon, 15 Aug 2022 17:21:49 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
accept-ranges: bytes
etag: "54c4-5e64addf96962"
content-length: 21700

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 32ms
32ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-T3VB2GG&cv=25&v=3&t=t&pid=1513329303&rv=3360&es=1&e=gtm.load&eid=12&u=AgAAAAAIAAAAACCA&h=Ag&tc=19&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:08:43 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-773L8LSMPJ&gtm=45je3360&_p=964859318&cid=86288773.1678475319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1678475318&sct=1&seg=0&dl=https%3A%2F%2Fdusty.c21resultsteam.com%2F&dt=Home%20Search&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-773L8LSMPJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dusty.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 19:08:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dusty.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
96 B 288ms
70ms XHR
application/json 35.190.25.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1678475324176

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 10 Mar 2023 19:08:44 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://dusty.c21resultsteam.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/engage/ 25 B
377 B 284ms
67ms XHR
application/json 35.190.25.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/engage/?verbose=1&ip=1&_=1678475324177

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://dusty.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 10 Mar 2023 19:08:44 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://dusty.c21resultsteam.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.c21resultsteam.com/	1970-01-20 14:33:47	Name: connect.sid Value: s%3AtMAmq0hX12oQ4-DEaw59kAhnCUj5j6eZ.TRiuKKXcbXf7llis%2BoyHFp1zsKYso53P7Ct3v38Eu34
.c21resultsteam.com/	1970-01-20 12:24:11	Name: _gcl_au Value: 1.1.1039737551.1678475318
.c21resultsteam.com/	1970-01-20 19:50:35	Name: _ga_773L8LSMPJ Value: GS1.1.1678475318.1.0.1678475318.0.0.0
.c21resultsteam.com/	1970-01-20 19:50:35	Name: _ga Value: GA1.2.86288773.1678475319
.c21resultsteam.com/	1970-01-20 10:16:01	Name: _gid Value: GA1.2.1609934793.1678475319
.c21resultsteam.com/	1970-01-20 10:14:35	Name: _gat_UA-58311306-5 Value: 1
.doubleclick.net/	1970-01-20 10:14:36	Name: test_cookie Value: CheckForPermission
.dusty.c21resultsteam.com/	1970-01-20 19:50:35	Name: _ga Value: GA1.3.86288773.1678475319
.dusty.c21resultsteam.com/	1970-01-20 10:16:01	Name: _gid Value: GA1.3.1609934793.1678475319
.c21resultsteam.com/	1970-01-20 10:16:01	Name: _uetsid Value: f6ef2240bf7611edaf9cddafd1b28178
.c21resultsteam.com/	1970-01-20 19:36:11	Name: _uetvid Value: f6ef0e30bf7611edbe6c6762217b3eb0
.bing.com/	1970-01-20 19:36:11	Name: MUID Value: 2BE72C76203E691F105B3EA621EC6858
.c21resultsteam.com/	1970-01-20 19:50:35	Name: cf_28791_id Value: 99e0b2f7-3004-489b-8e4e-efe2a621c87f
.c21resultsteam.com/	1969-12-31 23:59:59	Name: cf_28791_person_last_update Value: 1678475318951
.c21resultsteam.com/	1970-01-20 19:00:11	Name: ajs_anonymous_id Value: %22186ccecd6f1b3d-0c0355abf45bd-1430337c-1d4c00-186ccecd6f21094%22
.c21resultsteam.com/	1970-01-20 19:00:11	Name: fpjs_user_id Value: %2298b0d028-21ed-41d6-ae3b-57053f9d1155%22
.c21resultsteam.com/	1970-01-20 19:00:11	Name: mp_b6bc3e1a-cd18-40ec-a7f6-45bc74e949c4_perfalytics Value: %7B%22distinct_id%22%3A%20%2298b0d028-21ed-41d6-ae3b-57053f9d1155%22%2C%22%24device_id%22%3A%20%22186ccecd6f1b3d-0c0355abf45bd-1430337c-1d4c00-186ccecd6f21094%22%2C%22appName%22%3A%20%22Home%20Search%22%2C%22appVersion%22%3A%20%222%22%2C%22buildVersion%22%3A%20%225.35.0%22%2C%22partyId%22%3A%20%2222587%22%2C%22partyWebsiteId%22%3A%20%2299583%22%2C%22sourceIds%22%3A%20%5B%0A%20%20%20%20751%2C%0A%20%20%20%20678%2C%0A%20%20%20%20544%0A%5D%2C%22sourceIdsCount%22%3A%203%2C%22isLpRouteAccessible%22%3A%20false%2C%22isAdditionalNearbyListingsEnabled%22%3A%20true%2C%22isHalfBathDisplayEnabled%22%3A%20false%2C%22isConvertFlowRealEstateWebsite%22%3A%20true%2C%22isConvertFlowMortgageWebsite%22%3A%20false%2C%22defaultSearchResultStyle%22%3A%20%22plainText%22%2C%22isMortgageConvertFlowListingDetailEmbedAreaEnabled%22%3A%20false%2C%22isRealEstateConvertFlowListingDetailEmbedAreaEnabled%22%3A%20false%2C%22isAddressAutocompleteRestrictionEnabled%22%3A%20false%2C%22isAreaSearchGoogleAutocompleteEnabled%22%3A%20false%2C%22isSrpDefaultMapViewEnabled%22%3A%20true%2C%22isDefaultMapViewIgnoreMobile%22%3A%20true%2C%22isCanadianAddressesRestrictedForHomebot%22%3A%20true%2C%22isContentfulOverrideAllowed%22%3A%20false%2C%22isFeaturedListingDefaultEmptyView%22%3A%20true%2C%22isCheckRateCtaEnabled%22%3A%20false%2C%22isNewFooter2023Enabled%22%3A%20true%2C%22isConvertFlowNudgingEnabled%22%3A%20false%2C%22environment%22%3A%20%22production%22%2C%22__user_props%22%3A%20%7B%7D%2C%22%24user_id%22%3A%20%2298b0d028-21ed-41d6-ae3b-57053f9d1155%22%2C%22__last_event_time%22%3A%201678475319070%2C%22%24session_id%22%3A%20%22186ccecd6f51210-02613f34f3d788-1430337c-1d4c00-186ccecd6f6ea7%22%2C%22__first_pageview_in_session_has_occurred%22%3A%20true%2C%22__initial_utm_props_set%22%3A%20true%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24pageview_id%22%3A%20%22186ccecd71ca86-05f4091cdb6bb1-1430337c-1d4c00-186ccecd71d1585%22%2C%22__first_pageview_occurred%22%3A%20true%2C%22__last_pageview_time%22%3A%201678475319070%7D
.c21resultsteam.com/	1970-01-20 12:24:11	Name: _fbp Value: fb.1.1678475319100.607512660
.c21resultsteam.com/	1970-01-20 10:14:35	Name: _gat_freshpaintGATracker Value: 1
dusty.c21resultsteam.com/	1970-01-20 19:00:11	Name: mp_7c3d0528c5b7cd399b3c000e2659efa8_mixpanel Value: %7B%22distinct_id%22%3A%20%2298b0d028-21ed-41d6-ae3b-57053f9d1155%22%2C%22%24device_id%22%3A%20%22186ccecd78d510-00096051c88d1a-1430337c-1d4c00-186ccecd78eb84%22%2C%22mp_lib%22%3A%20%22Freshpaint%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%2298b0d028-21ed-41d6-ae3b-57053f9d1155%22%2C%22mp_name_tag%22%3A%20%2298b0d028-21ed-41d6-ae3b-57053f9d1155%22%2C%22id%22%3A%20%2298b0d028-21ed-41d6-ae3b-57053f9d1155%22%7D
.c21resultsteam.com/	1970-01-20 19:50:35	Name: WidgetTrackerCookie Value: 78bad045-5a5f-477f-aa1e-1aac999aaac4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://widgetbe.com/agent Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-js.mixpanel.com
api.perfalytics.com
app.convertflow.co
bat.bing.com
cdn.mxpnl.com
connect.facebook.net
d2hnwe88wt837l.cloudfront.net
dusty.c21resultsteam.com
googleads.g.doubleclick.net
js.convertflow.co
maps.googleapis.com
perfalytics.com
region1.google-analytics.com
stats.g.doubleclick.net
widgetbe.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
yl-clients-prod.s3.amazonaws.com
yl-malabar.s3.amazonaws.com
2001:4860:4802:32::36
2600:1901:0:bc29::
2600:9000:2240:a600:c:7a7f:d040:21
2606:4700:20::681a:829
2620:1ec:c11::200
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.169.178.236
35.190.25.25
44.240.57.64
52.216.29.52
52.218.201.26
65.9.66.120
99.86.4.5
001bd3df7559b26ba3f93afd10a8b07e2718f2396ca1a2b61387445fa4eab8ed
020128690cd24615097c8780352468db0ae5363c88c3a56f9c901ae34a5babb8
0492eed13f4292bcf2f9f412d3edb5451df8f57a3d3647122c34b212e5145311
04d72dd7c18159ee3b4f8d7c99ffcf23b51f794babf5ed35318bc7e34eed8ae6
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
10737d0b323ce48445b974eedde4b4fd3de6ba62c806acbcf171e74cd21124d9
15cc05404943541ed565973a4560ec1252b1e9808c9bb4b5ca25d4ef06483536
167c8488ef506620e6d714d2869fd0a9af5c0831b81b3139cb113960de4aba38
17113095def0e0279e6d5ad0c0b221ae5acef81e34324cec3c816c48d42a3e14
22459e1de13b29a9997c47434287b7b07bcd58013dc71c6fa14637b0d46d469c
23ce9b76e15ab7d4456581c8e2ca64ab0b1f9f3b261423652437c6517ae6fa9e
2839dacab949e77b39bf40b76aa1cc7370f437996faed2a2734b7d7e7028a1fc
2cafade4baa9fc706c23ab1d562dd69919ec9f9c0fb92d923e70ec8c9090df68
2efaf80128e795bf79a2560fa74ed9a912002df9c833d8bb31d2fed13b4d22ad
3caa52352b7b5f61629ace2744d8f85da0a41d46c11d4f7870ba0150b41b1038
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3e3e5570293d6cff859e82f66a95ffa47cb162c95847191dbe0f6fd2e8caa673
46fa0164da3459946b34afb89c6189b8164727a3a2dd6f2bffc2ade09663fcef
4887c8556b38344e824825bfcc921c33b38a56dd5776d334af25bb8017de7682
4cccdd8a6d7a187002a9298580160f84231c4cd78ad665831a6551041b3cccd8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
60cae4613964231b7536e02ed12711d7580b84de426cdac5a13ff57cc5bdd80c
61b98764ac1d94f2d83fb26173f4c7abd3628166bd06441ca78ce3ef1ad59cac
69f1eb6fdb6aaf4afefccbb9fd6bfe7f02e590b622fb3177da147bb45acdd80d
7d9693df1b7ba0f4b20ccd40e9c2095895eaed2b34f855213b3c827b0a3a1239
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d6a6a994c5354a20014745aee8fbc153e52bf5320ece5d2a1212ff65b3e9b3
8986388797222d6db48a4342c49ecc2d7b321ec416cfab1a92c33e2cd9929c9d
8b2e6056077d418b180e15faefddef44ed0774dda607d40e16da50ad6ab273fe
9461a9bb1035ab1e78d2dfc75e4748ed8fb8b740494c591fb9470cae73bcde1f
94aed2dba84c5fc8d8d25767d083df06c7f3c0332f7af580ec1d0b6a3dfcd847
9cef8a6dc87bc92626b848768f12cb14cc360fe8e589e7806ea67e4d149489fe
9dea127d1a184ded7c443a0d60944a944904e7b6490c2b2f06420c2801704634
9ea089c3da6da0b3d726e22ff4cdfcb6ed44c81e2a9f0d2ac9dfa21a751b8c1e
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5cf2b1effa29b87caae09f62470352b87e6f7c8e0c661daad25f44d1428aaf0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b53c319f658fbc88bd74b76630ac0b717fb5c5cdf94f98825732841ff4a62271
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb676184a6d6cc08d744aba59b29d4072ebcbf934cb77a42039bffca6a34d353
cdd894a880fc6a1e02be92294a826468035ff8903d745f26d12e9fd6904b183d
ceddedcc2f5152f4ebdfee4d9e381bad6f4666273ee1bfb44e296827e0561e65
cf7db68baef0311680595413d95590348da7266ae26f872e7bdf29e2c231ee54
d31eec2ccbed98adc9d9fac6464011833e123fd52b61fbb48d8f1ba7f750e1c4
d783ca3a08c742b09d02d3f06498bc58d467813291a4eb0ee6f23ea7b90126e8
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dd1b81a7ad769bd94220cb2e09513c9403aa1e0b174a7790b80fd88e7a29be7b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbcbff87ae9d92eb37e738b45109f82aba1488be98035170ab7e685e374263c3
fd96eef56b2830a22356622de8a4511b4afcd52b9a75f5cbfe882cb212b9ff4a

dusty.c21resultsteam.com Open in urlscan Pro 44.240.57.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

68 %IPv6

17 Domains

23 Subdomains

22 IPs

3 Countries

2383 kBTransfer

5876 kBSize

21 Cookies

0 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dusty.c21resultsteam.com Open in urlscan Pro
44.240.57.64 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

68 %
IPv6

17
Domains

23
Subdomains

22
IPs

3
Countries

2383 kB
Transfer

5876 kB
Size

21
Cookies

105 HTTP transactions
0 data transactions