bullshireonline.com Open in urlscan Pro
192.124.249.170 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bullshireonline.com/store/
Submission: On August 06 via manual (August 6th 2021, 3:48:56 pm UTC) from GB

Summary HTTP 325 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 41 domains to perform 325 HTTP transactions. The main IP is 192.124.249.170, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is bullshireonline.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 14th 2020. Valid for: a year.

This is the only time bullshireonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	192.124.249.170 192.124.249.170	30148 (SUCURI-SEC) (SUCURI-SEC)
9	18.198.144.239 18.198.144.239	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
80	13.224.96.112 13.224.96.112	16509 (AMAZON-02) (AMAZON-02)
1	45.9.150.63 45.9.150.63	49447 (NICEIT) (NICEIT)
1 3	52.94.216.147 52.94.216.147	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:6c0... 2a02:26f0:6c00:286::108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2.16.186.121 2.16.186.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	13.225.84.72 13.225.84.72	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:ee00:1f:f560:8d00:21	16509 (AMAZON-02) (AMAZON-02)
2	18.211.81.84 18.211.81.84	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:243... 2600:1f18:243f:2d00:a874:dd37:27b9:63ad	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:37d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:8800:1c:b536:2c40:21	16509 (AMAZON-02) (AMAZON-02)
6	52.95.118.184 52.95.118.184	16509 (AMAZON-02) (AMAZON-02)
2	52.94.218.163 52.94.218.163	16509 (AMAZON-02) (AMAZON-02)
45	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:21f... 2600:9000:21f3:6600:19:7012:e500:21	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3039::6815:c07c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	54.86.20.131 54.86.20.131	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:d24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
15 29	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 3	35.186.253.211 35.186.253.211	() ()
3 3	185.64.189.115 185.64.189.115	() ()
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	79.137.68.187 79.137.68.187	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.45.106.90 23.45.106.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	63.32.201.39 63.32.201.39	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:14d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.79.143.47 23.79.143.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	216.58.212.166 216.58.212.166	() ()
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
325	53

31 192.124.249.170 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10170.sucuri.net

bullshireonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.198.144.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com

app.ecwid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 13.224.96.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-112.zrh50.r.cloudfront.net

d2j6dbq0eux0bg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.150.63 (Switzerland)

ASN49447 (NICEIT, DM)

click.driverfortnigtly.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.216.147 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ws-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:286::108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.121 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-121.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.84.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-72.fra2.r.cloudfront.net

d2scn539ulxr09.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:ee00:1f:f560:8d00:21 (United States)

ASN16509 (AMAZON-02, US)

d3dq8sxcny4hg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.81.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-81-84.compute-1.amazonaws.com

ecomm.events	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:243f:2d00:a874:dd37:27b9:63ad (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:37d8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zotabox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:8800:1c:b536:2c40:21 (United States)

ASN16509 (AMAZON-02, US)

d1oxsl77a1kjht.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.95.118.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

wms-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.218.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

fls-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6600:19:7012:e500:21 (United States)

ASN16509 (AMAZON-02, US)

d35z3p2poghz10.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3039::6815:c07c (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.20.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-20-131.compute-1.amazonaws.com

connect.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:d24 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.185.98 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN- ()
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.68.187 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.106.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-106-90.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.201.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:14d9 (United States)

ASN13335 (CLOUDFLARENET, US)

stats.zotabox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-47.deploy.static.akamaitechnologies.com

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 2 redirects

ASN- ()
PTR: ams15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	cloudfront.net d2j6dbq0eux0bg.cloudfront.net d2scn539ulxr09.cloudfront.net d3dq8sxcny4hg.cloudfront.net d1oxsl77a1kjht.cloudfront.net d35z3p2poghz10.cloudfront.net	5 MB
62	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	659 KB
60	doubleclick.net 17 redirects googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	496 KB
31	bullshireonline.com bullshireonline.com	437 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	306 KB
11	google.com 5 redirects adservice.google.com www.google.com	1 KB
11	amazon-adsystem.com 1 redirects ws-eu.amazon-adsystem.com wms-eu.amazon-adsystem.com fls-eu.amazon-adsystem.com	49 KB
9	ecwid.com app.ecwid.com	34 KB
7	zbcdn.net static.zbcdn.net	226 KB
7	googletagservices.com www.googletagservices.com	252 KB
5	google-analytics.com www.google-analytics.com	21 KB
4	google.de adservice.google.de	574 B
4	sitewit.com analytics.sitewit.com connect.sitewit.com	25 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	openx.net 3 redirects rtb.openx.net	990 B
3	facebook.net connect.facebook.net	102 KB
3	zotabox.com static.zotabox.com stats.zotabox.com	21 KB
3	wsimg.com 1 redirects img1.wsimg.com img6.wsimg.com	13 KB
3	media-amazon.com m.media-amazon.com	19 KB
2	secureserver.net img.secureserver.net	1 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	498 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	921 B
2	rlcdn.com 2 redirects id.rlcdn.com	890 B
2	quantserve.com 1 redirects cms.quantserve.com	800 B
2	facebook.com www.facebook.com	294 B
2	paypal.com www.paypal.com t.paypal.com	6 KB
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	2mdn.net s0.2mdn.net	46 KB
2	ecomm.events ecomm.events	2 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	congstar.de banner.congstar.de	518 B
1	innovid.com ag.innovid.com	297 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	gstatic.com fonts.gstatic.com	15 KB
1	paypalobjects.com www.paypalobjects.com	188 KB
1	googleadservices.com partner.googleadservices.com	663 B
1	onesignal.com cdn.onesignal.com	3 KB
1	driverfortnigtly.ga click.driverfortnigtly.ga	1 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
325	41

	Domain	Requested by
80	d2j6dbq0eux0bg.cloudfront.net	bullshireonline.com
45	tpc.googlesyndication.com	bullshireonline.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
31	bullshireonline.com	bullshireonline.com
29	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net bullshireonline.com
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com bullshireonline.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	bullshireonline.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com img1.wsimg.com
9	app.ecwid.com	bullshireonline.com app.ecwid.com img1.wsimg.com d35z3p2poghz10.cloudfront.net
7	static.zbcdn.net	static.zotabox.com static.zbcdn.net bullshireonline.com
7	www.google.com	5 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	wms-eu.amazon-adsystem.com	ws-eu.amazon-adsystem.com
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com bullshireonline.com
5	d2scn539ulxr09.cloudfront.net	app.ecwid.com
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
3	www.awin1.com	1 redirects as.ad4m.at
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
3	static.doubleclick.net	googleads.g.doubleclick.net
3	connect.facebook.net	connect.facebook.net
3	analytics.sitewit.com	app.ecwid.com analytics.sitewit.com bullshireonline.com
3	m.media-amazon.com	bullshireonline.com ws-eu.amazon-adsystem.com
3	ws-eu.amazon-adsystem.com	1 redirects bullshireonline.com
2	ad.doubleclick.net	2 redirects
2	img.secureserver.net
2	as.ad4m.at	ad4m.at as.ad4m.at
2	googlecm.hit.gemius.pl	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.facebook.com	bullshireonline.com
2	s0.2mdn.net	tpc.googlesyndication.com
2	fls-eu.amazon-adsystem.com	ws-eu.amazon-adsystem.com
2	static.zotabox.com	app.ecwid.com bullshireonline.com
2	ecomm.events	app.ecwid.com ecomm.events
2	img1.wsimg.com	1 redirects bullshireonline.com
2	fonts.googleapis.com	bullshireonline.com googleads.g.doubleclick.net
1	banner.congstar.de	as.ad4m.at
1	stats.zotabox.com	img1.wsimg.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	t.paypal.com	bullshireonline.com
1	static-de.ad4mat.net	ad4m.at
1	www.paypal.com	www.paypalobjects.com
1	connect.sitewit.com	analytics.sitewit.com
1	stats.g.doubleclick.net	img1.wsimg.com
1	prod-rtb.ad4mat.net	bullshireonline.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.paypalobjects.com
1	d35z3p2poghz10.cloudfront.net
1	d1oxsl77a1kjht.cloudfront.net	app.ecwid.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d3dq8sxcny4hg.cloudfront.net	app.ecwid.com
1	img6.wsimg.com	bullshireonline.com
1	cdn.onesignal.com	bullshireonline.com
1	click.driverfortnigtly.ga	bullshireonline.com
1	www.googletagmanager.com	bullshireonline.com
325	60

This site contains links to these domains. Also see Links.

Domain
www.amazon.co.uk
themezee.com
www.liveinternet.ru
api.whatsapp.com

Subject Issuer	Validity	Valid
bullshireonline.com Go Daddy Secure Certificate Authority - G2	`2020-11-14` - `2021-11-14`	a year	crt.sh
*.ecwid.com Sectigo RSA Organization Validation Secure Server CA	`2020-05-14` - `2022-08-16`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
click.driverfortnigtly.ga R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
images-fe.ssl-images-amazon.com GeoTrust RSA CA 2018	`2020-06-24` - `2021-09-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2021-03-05` - `2022-04-06`	a year	crt.sh
*.ecomm.events R3	`2021-07-17` - `2021-10-15`	3 months	crt.sh
analytics.sitewit.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-11-04`	a year	crt.sh
ws-eu.assoc-amazon.com Amazon	`2020-12-25` - `2021-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
wms-eu.assoc-amazon.com Amazon	`2020-12-16` - `2021-11-27`	a year	crt.sh
fls-eu.amazon-adsystem.com Amazon	`2021-07-01` - `2022-06-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.sitewit.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-12` - `2022-08-12`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-08` - `2022-01-11`	6 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-18` - `2021-11-22`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2019-10-22` - `2021-10-22`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://bullshireonline.com/store/
Frame ID: D6D2C214B0B20996440AEE2423FBE389
Requests: 177 HTTP requests in this frame

Frame: https://d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/961FDC9B7C96FE2E860A7F1850C96EEC.cache.js
Frame ID: AE088471FA59B06EF7F9BBE2F5D3808F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: FE25D48966FE2B0D96AB1E61EC50E796
Requests: 1 HTTP requests in this frame

Frame: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=qf_sp_asin_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1789014913&asins=1789014913&linkId=6dba419000e3436ea5d78437bd0f9b10&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Frame ID: C912752C4799725FD7F7788406A5AB34
Requests: 6 HTTP requests in this frame

Frame: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=tf_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1474606059&asins=1474606059&linkId=f337263b38ac5ffab6a88a9f005107a8&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Frame ID: 2A123D1B6A92BDF40EB4128BEE535AC9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&adk=3125035740&adf=3575477428&lmt=1628264910&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910283&bpp=4&bdt=291&idt=346&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2524259339848&frm=20&pv=2&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385
Frame ID: 6405637356793FDA7B8EEFE1247C05B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=4368077240&adk=3154651062&adf=1958210375&pi=t.ma~as.4368077240&w=1200&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-4&format=1200x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910287&bpp=4&bdt=295&idt=452&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9MQi4re2Gt&p=https%3A//bullshireonline.com&dtd=470
Frame ID: DD1BB82CC8420A7D6E8924FA1275F348
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=364&slotname=5223824213&adk=2563230863&adf=1293123218&pi=t.ma~as.5223824213&w=288&lmt=1628264910&rafmt=11&tp=site_kit&psa=0&format=288x364&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910412&bpp=4&bdt=420&idt=468&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=198&ady=1570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ApbaBOrKye&p=https%3A//bullshireonline.com&dtd=472
Frame ID: 598997D122E0D31B1844C3E38163C6AA
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=5844810442&adk=1009447710&adf=659210693&pi=t.ma~as.5844810442&w=339&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-5&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910429&bpp=1&bdt=437&idt=481&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364&nras=1&correlator=2524259339848&pv_ch=WordPressPage%2B&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2MCoUrdJW8&p=https%3A//bullshireonline.com&dtd=489
Frame ID: 8E7EB2D5ECCC7A6E4A5F3A1FD2171288
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67
Frame ID: 24396244D59E7EB3868825353A8EB8F1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=200&adk=738672978&adf=3931349002&pi=t.aa~a.1263416195~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x200&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=1&bdt=1128&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280&nras=3&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=uFfZQGisdA&p=https%3A//bullshireonline.com&dtd=82
Frame ID: 99EEB1BC9D72F44B9921276F886BDD71
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
Frame ID: CF6A96025CDFFD6D34BAC6D73E27860D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html
Frame ID: 70281F251A12215E7AE40E5ABE8C5312
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5889BA01C45F160B8865478D0C548FC2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CqYY3zlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS4AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLuXrtvUJMCqpLpvGEnW9GEJgTSABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi03MjgwMDY2NDA5NjAwNzcx&sigh=teV_aULWXzc
Frame ID: 28F261288172FF0986DA6C9E6A1735BC
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
Frame ID: 10812431C006929F847A884A2B1CCD66
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D732355BCE439134EED5931F7E2BA2C0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=100&adk=2205331714&adf=1704077290&pi=t.aa~a.1263417226~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264912&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x100&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911130&bpp=1&bdt=1138&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280%2C339x200%2C1005x124&nras=5&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=4770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H-YCWT5xQgCCxjxm0XMpBUZfuEuZZfTUa1IAD-UBNKIi7-D_w3-P3IJqfMfb_-sL-q-q_OkvrdPDp8pmxPsy8UgrGm4RuaZ4OxjF98&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=gxKKaWdx8q&p=https%3A//bullshireonline.com&dtd=1697
Frame ID: 94049B5305B3D06D06378F525F9F66A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 651634AD40901FAD13621F4E10712D7C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F81DA5DA32342BE6038223217935D35C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10E84E90D8F27164C7D5AD2946394FD1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 84BF403E6399BBB1CF89F08D9DE482A5
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 996C6AE025721F11BE41DFC491BA0FDE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
Frame ID: 7BD938E8FA183A057E9569AB43036063
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html
Frame ID: 29D807CB7DE85ECFAFDFEF6E9F10C51A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C216I0FkNYf7FM42PgAe4oY_wBKCykfZjnqqD3qsNkO_Ex50WEAEgrdbXJWCVAqABo9awxAPIAQmpAveS9xSAzrM-qAMByANIqgTSAU_Q9zH1Ey0fORKkeGicwhoRhdz41ghJWBY-K62b44HJUWhiIKE2gb9QZEPjoniHmh_-BV0o7WLLMDcmwUSTsPSZ5uc6yDUo7XixPeY5SRJYP20Hhas9a8-VfabI_Xz5EpvI55JBtyfPOInxutMBK8xolv2el6AS-3v_lWkfyvKJO2LH8MeTxkGLGaW4rB7v-ByGl_7eebQHTj8LACN_fdwMIzY4yvIJlqX7NDnunY37JSaW0jjd9-RST9zAlkUEbZ6kAY-igt2dEw6pQB4G38jvzMAEx8-0vrICkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8WpzzuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQxuMD0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTcyODAwNjY0MDk2MDA3NzE&sigh=QaobuJRXzeM&template_id=419
Frame ID: CF5A89DD8CD2F4543EB9BD409553A331
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
Frame ID: A6C69FE200A90D03D46D8F371D904507
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CEC1A16C1C61731228A2E5E61CBCC3EB
Requests: 2 HTTP requests in this frame

Frame: https://static.zbcdn.net/__cfwsvgt/asset/script/jquery.js
Frame ID: B1D357B2F1C3C21C9BD0B61FBA2EF46D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
Frame ID: 60D160A33F2983F1A8D4E738F9A4A339
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Frame ID: 3398A1513CF551F5CC3C09DD0F49DBBC
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9B102CF567194B2B2DE661F66A05DD38
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F5D02E733A335FE473AAE96B3C24797
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

325
Requests

100 %
HTTPS

56 %
IPv6

41
Domains

60
Subdomains

53
IPs

7
Countries

7822 kB
Transfer

15892 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.co.uk/gp/product/1526720418/ref=as_li_tl?ie=UTF8&camp=1634&creative=6738&creativeASIN=1526720418&linkCode=as2&tag=thebulsho-21&linkId=8ecc0da80d95bf43e141b9c6c7ab36a5

Search URL Search Domain Scan URL

URL: https://themezee.com/
Title: ThemeZee

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;demonas

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=&text=https://bullshireonline.com/store/
Title: Chat on Web

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://ws-eu.amazon-adsystem.com/widgets/q?_encoding=UTF8&MarketPlace=GB&ASIN=1526720418&ServiceVersion=20070822&ID=AsinImage&WS=1&Format=_SL250_&tag=thebulsho-21 HTTP 302
https://m.media-amazon.com/images/I/51euTWdrr0L._SL250_.jpg

Request Chain 89

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

Request Chain 228

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 240

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKsbXpOulFQL8Rfd5KMBYXTOEMb7kJr0E7QwPrPpb-FXadPdD4cnffwYURyNuReZRm9eB5kZwbs90NbQ8MrhkzAqAGsn7k&google_gid=CAESEF_hdX4klLbE53iGO9w4skk&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNKztYgGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLc2JYcE91bEZRTDhSZmQ1S01CWVhUT0VNYjdrSnIwRTdRd1ByUHBiLUZYYWRQZEQ0Y25mZndZVVJ5TnVSZVpSbTllQjVrWndiczkwTmJROE1yaGt6QXFBR3NuN2s HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQUlBWjJ2eEdvMzNLRld0dnZPWC1TSFJmRGFLdG5SVWtxSVY4bVNWUGRjUQ==&google_push

Request Chain 241

https://rtb.openx.net/sync/dds?google_gid=CAESEJc55BgPGLjwtDCHAM3oFps&google_cver=1&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEJc55BgPGLjwtDCHAM3oFps&google_cver=1&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k&google_hm=_R9j17Jlwu4rmCNasRWRrg==

Request Chain 242

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIUC9W8EiX657geciW-SZa4&google_cver=1&google_push=AYg5qPLWaIaoGEWHa3jzHeHq8O4MpFkmd_mVIFO8Rvm9V_44QrG_8P8yrSlPDrl57g-1MUnmIN_ZUys_m9BNiEUua8KOS0tFuIE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIUC9W8EiX657geciW-SZa4&google_cver=1&google_push=AYg5qPLWaIaoGEWHa3jzHeHq8O4MpFkmd_mVIFO8Rvm9V_44QrG_8P8yrSlPDrl57g-1MUnmIN_ZUys_m9BNiEUua8KOS0tFuIE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWaIaoGEWHa3jzHeHq8O4MpFkmd_mVIFO8Rvm9V_44QrG_8P8yrSlPDrl57g-1MUnmIN_ZUys_m9BNiEUua8KOS0tFuIE

Request Chain 243

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIvW5v59pHN9ZJjtp0tn478&google_cver=1&google_push=AYg5qPIHVzS5yEbzu-VQrHWAFmXbBQyzScJZleMT1QJsG3Cd-qW2nzwMvSgGzXgJVlySS2OGI5fVBP2yqvB54SIcOmvUiRxKI7Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwQUotMVgtNkk0Sw==&google_push=AYg5qPIHVzS5yEbzu-VQrHWAFmXbBQyzScJZleMT1QJsG3Cd-qW2nzwMvSgGzXgJVlySS2OGI5fVBP2yqvB54SIcOmvUiRxKI7Y

Request Chain 244

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc=

Request Chain 245

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMY7WQqYbvUcEq5oEeiT6jU&google_cver=1&google_push=AYg5qPJ3oJXhTPfrAKpkhs2Llo0q-hVyQbEG4jVvqJVvQ47ogKQkt1mz4qPUuedUqJdrB5r0RO4G84-J9_i-vF1mwma1DlZy608 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3oJXhTPfrAKpkhs2Llo0q-hVyQbEG4jVvqJVvQ47ogKQkt1mz4qPUuedUqJdrB5r0RO4G84-J9_i-vF1mwma1DlZy608&google_hm=

Request Chain 273

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 283

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKqtJ-Ggp00kFv4r6H9J64E&google_cver=1&google_push=AYg5qPIasHYIL2FPZp6t0nyPrs5MDADIbT44nKZayyInan3vGOfZVJsPGaO6uNomGCIUINFnWVADeRLK4JqX-fZcTBXVBUh181iB HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIasHYIL2FPZp6t0nyPrs5MDADIbT44nKZayyInan3vGOfZVJsPGaO6uNomGCIUINFnWVADeRLK4JqX-fZcTBXVBUh181iB&google_hm=IFvbsUWqwRTEaKUPtNGHLA

Request Chain 284

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJIiGZmfWQnz1iPGpq7cDQap3DUmrrfEFiApBHbXKfDL8oFR8HhVrDSUN3BNH8nDILKlUHx0WD7J3dFc2pTHWgtUgPvhTtA&google_gid=CAESEPspyTplM1vNrXNVQIAe2rE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVExWjBnQUFBYWtTeFM5WA&google_push=AYg5qPJIiGZmfWQnz1iPGpq7cDQap3DUmrrfEFiApBHbXKfDL8oFR8HhVrDSUN3BNH8nDILKlUHx0WD7J3dFc2pTHWgtUgPvhTtA

Request Chain 285

https://rtb.openx.net/sync/dds?google_gid=CAESENgLGhrW0p0EOs9BpfOaLX4&google_cver=1&google_push=AYg5qPLqgyQGUXYeg9m0vUuvB-uC78IQtnaeqo2XVI0KOYUNCxAbcU1-7ZRekqPYVIJKnRvxf2bO-IYAhK8iR9MDs1aoXeehLx7_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLqgyQGUXYeg9m0vUuvB-uC78IQtnaeqo2XVI0KOYUNCxAbcU1-7ZRekqPYVIJKnRvxf2bO-IYAhK8iR9MDs1aoXeehLx7_&google_hm=_R9j17Jlwu4rmCNasRWRrg==

Request Chain 286

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBgTlQ7GnA3dPPUCBpVxDRQ&google_cver=1&google_push=AYg5qPIJIgVC3xje1FDek-ZnZGCoPRv-IC3DGJVh4CmkqKlCT7Muq2uXj3CNswke2qvoxEd0hNAHXmlpX02lneLoY9YTc6lx7a4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJIgVC3xje1FDek-ZnZGCoPRv-IC3DGJVh4CmkqKlCT7Muq2uXj3CNswke2qvoxEd0hNAHXmlpX02lneLoY9YTc6lx7a4

Request Chain 287

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxtD4Q9KCvYwlSHVgsBt2E&google_cver=1&google_push=AYg5qPI40ukNnGyFEUSEQI1i6HTt3EMl6VhI2niN7nPtbTY1fU7IBaWYGn46vhAHQIXF0AgRQIUwcQEcvqyxPIGWsuMNmZpy1U6o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwVFAtMUstNk9GVw==&google_push=AYg5qPI40ukNnGyFEUSEQI1i6HTt3EMl6VhI2niN7nPtbTY1fU7IBaWYGn46vhAHQIXF0AgRQIUwcQEcvqyxPIGWsuMNmZpy1U6o

Request Chain 289

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEITcEpVqDdhM83jtTuEJgTY&google_cver=1&google_push=AYg5qPKgoETz1o7AiIiiX1r11khcX1RrJjZGG4m-pTa6RST8_6gKU-RUDAardT9Pmku9Iqqy7xYUcEEIeMPrR9fWUs-jt2WthR5u HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgoETz1o7AiIiiX1r11khcX1RrJjZGG4m-pTa6RST8_6gKU-RUDAardT9Pmku9Iqqy7xYUcEEIeMPrR9fWUs-jt2WthR5u&google_hm=

Request Chain 291

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 305

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 309

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 328

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__asuid0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheHasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COuL07_fnPICFVO33godRfQKIw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__asuid0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheHasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__asuid0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheHasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628264916_c32c21b0-f6cd-11eb-bfe3-692d0dec5663

325 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bullshireonline.com/store/ 245 KB
36 KB 160ms
33ms Document
text/html 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

7e07a69eebbba972a495642ed0bc76297a562609b4822506c97cde53e879a896

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: bullshireonline.com
:scheme: https
:path: /store/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 06 Aug 2021 15:48:29 GMT
content-type: text/html; charset=UTF-8
content-length: 36115
x-sucuri-id: 19020
x-xss-protection: 1; mode=block 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff nosniff
content-security-policy: upgrade-insecure-requests;
age: 686
content-encoding: gzip
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: EXPIRED
accept-ranges: bytes

GET
H/1.1 200
OK script.js Show response
app.ecwid.com/ 77 KB
21 KB 134ms
38ms Script
text/javascript 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bb01cdd545c4ffe510e035732c10ea38f931fd8116c469ad133287ef12c1ddee

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:30 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"277119317"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Cache-Control: private,must-revalidate,max-age:3
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

GET
H2 200 cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css
bullshireonline.com/wp-content/fonts/ 12 KB
1 KB 22ms
18ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

a9da7735ab8deb5319b92d41c73f696b1867ef6838a4b564b02971a4fd979310

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 226460
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 946
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 21:00:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
bullshireonline.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 24ms
20ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 10523
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Mon, 19 Jul 2021 00:56:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bullshireonline.com/wp-content/plugins/ecwid-shopping-cart/css/ 2 KB
1 KB 25ms
21ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/plugins/ecwid-shopping-cart/css/frontend.css?ver=6.10.12

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

b386064729c5fe39d8c11f0848927837fc89017db6ed30c17735005dcbe7c814

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/plugins/ecwid-shopping-cart/css/frontend.css?ver=6.10.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 655
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
bullshireonline.com/wp-includes/css/ 58 KB
35 KB 29ms
25ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-includes/css/dashicons.min.css?ver=5.8

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-includes/css/dashicons.min.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 35730
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bullshireonline.com/wp-content/plugins/post-views-counter/css/ 289 B
703 B 33ms
29ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.4

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 201
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 04 Apr 2021 07:44:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sharify-style.php
bullshireonline.com/wp-content/plugins/sharify/ 6 KB
1 KB 33ms
30ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/plugins/sharify/sharify-style.php

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

485e3b5ca3bd94222a5e9a5afcdfde3b7dd7559e98aba39b47b0eb2d3329e288

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/plugins/sharify/sharify-style.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES:Forced
x-backend: local
age: 37960
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding, User-Agent
content-length: 1065
x-xss-protection: 1; mode=block 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
x-cache-hit: HIT
cache-control: must-revalidate
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 sharify.css
bullshireonline.com/wp-content/plugins/sharify/icon/css/ 2 KB
1 KB 33ms
30ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/plugins/sharify/icon/css/sharify.css

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

f9f71aebd6bec05d5a39924f517d9a853d7ed16b015c39b09efd944a1f68798f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/plugins/sharify/icon/css/sharify.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 226460
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 904
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 25 Sep 2016 08:13:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
668 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 13:48:36 GMT
server: ESF
date: Fri, 06 Aug 2021 15:48:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Aug 2021 15:48:30 GMT

GET
H2 200 style.css
bullshireonline.com/wp-content/themes/tortuga/ 71 KB
12 KB 35ms
32ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/style.css?ver=2.2.2

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

27b735a808975c0cdec2f759ba4afd7a47c63ca87d6e614fce067c677ba5048e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/style.css?ver=2.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 12073
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 safari-flexbox-fixes.css
bullshireonline.com/wp-content/themes/tortuga/assets/css/ 460 B
751 B 36ms
33ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/css/safari-flexbox-fixes.css?ver=20200420

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

22cc88ba1b04743117a705c32d3f9680ec5dfd60f560dace2754063fbcea2d55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/css/safari-flexbox-fixes.css?ver=20200420
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 226460
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 249
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genericons.css
bullshireonline.com/wp-content/themes/tortuga/assets/genericons/ 28 KB
17 KB 37ms
34ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/genericons/genericons.css?ver=3.4.1

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/genericons/genericons.css?ver=3.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 16441
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flexslider.css
bullshireonline.com/wp-content/themes/tortuga/assets/css/ 5 KB
2 KB 41ms
39ms Stylesheet
text/css 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/css/flexslider.css?ver=20210304

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

f0fcc839bdd3445cba30e6832f67b4c987b64363196bb50e1f2b1caa691f1525

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/css/flexslider.css?ver=20210304
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 1355
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1517-5c0457ed54d50-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
bullshireonline.com/wp-includes/js/jquery/ 87 KB
31 KB 42ms
40ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 30908
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
bullshireonline.com/wp-includes/js/jquery/ 11 KB
5 KB 46ms
44ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 226460
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 4169
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.js Show response
bullshireonline.com/wp-content/plugins/ecwid-shopping-cart/js/ 2 KB
1 KB 49ms
47ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/plugins/ecwid-shopping-cart/js/frontend.js?ver=6.10.12

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

0b2616dc0ed3aaded1f8d884a8c0400d12a3e9b68eeb2c006215c2a642dbce5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/plugins/ecwid-shopping-cart/js/frontend.js?ver=6.10.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 599
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 svgxuse.min.js Show response
bullshireonline.com/wp-content/themes/tortuga/assets/js/ 3 KB
2 KB 49ms
47ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/js/svgxuse.min.js?ver=1.2.6

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/js/svgxuse.min.js?ver=1.2.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 1266
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.flexslider-min.js Show response
bullshireonline.com/wp-content/themes/tortuga/assets/js/ 22 KB
7 KB 49ms
48ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/js/jquery.flexslider-min.js?ver=2.6.0

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/js/jquery.flexslider-min.js?ver=2.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 226460
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 6418
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slider.js Show response
bullshireonline.com/wp-content/themes/tortuga/assets/js/ 502 B
815 B 50ms
48ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/js/slider.js?ver=20170421

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

7213837405a71f7beb4f15cbbfb217995e5b25daed87b347770eaa6e889f9db5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/js/slider.js?ver=20170421
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224715
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 303
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 33ms
14ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-77736897-1

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d31e127cc3c20210777aa14b86d8649567c9eb27e847b73e4ab6bc5728aeef89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40771
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:06:14 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Aug 2021 15:48:30 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 56ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81c7685af96badd81fad41fff2e20d53306a6b33c8662ca5821ba36622f6b4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 14869471898732562513
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 15:48:30 GMT

GET
H2 200 cropped-BullshireOnline-Website-Header.jpg
bullshireonline.com/wp-content/uploads/2016/05/ 114 KB
115 KB 37ms
19ms Image
image/jpeg 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bullshireonline.com/wp-content/uploads/2016/05/cropped-BullshireOnline-Website-Header.jpg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

dc09898b8a58edb1ecb4aba65aa15d9ab9679cd5b4c84fa0f1781dcb81f8c732

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/uploads/2016/05/cropped-BullshireOnline-Website-Header.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 186752
x-cache: cached
x-sucuri-cache: HIT
content-length: 116769
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sat, 14 May 2016 07:16:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1c821-532c82a1dd740"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2378144103.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 15 KB
15 KB 156ms
58ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2378144103.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb59ff4ba4ee7d579b1e9a24288ce648eeda0c4336844fe39517ddd2537fd3b7

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jul 2021 12:37:47 GMT
server: AmazonS3
age: 1998383
etag: "3c2ea35f7181cfde3f3633b60a85867f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 15223
x-amz-cf-id: GOiWQWKz67dsXZlHH0vWEu3CYv9fOW3LpviFOPeeeggy8OsyG7Dbsg==

GET
H2 200 2372239856.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
24 KB 142ms
44ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2372239856.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4731e21d2d3ccca8e8251a3c1a7cc18fea5fc9aaff29e4ec4721074d29225f6b

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 10:54:34 GMT
server: AmazonS3
age: 1998383
etag: "d8d4fb917e56eb8c56ac09f3d8851700"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 24471
x-amz-cf-id: OkZyCjQN46rY0ptJrljSpL7fkt-0xXqodJVfsDb-4kLr3h06kYUSTg==

GET
H2 200 2351219176.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 22 KB
22 KB 160ms
62ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2351219176.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94e8e1dc7c4c175e5fa22f9b0032f3e1e2b44e30cab8bd3989af6c3b29970b99

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:47 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 16 Jun 2021 12:05:47 GMT
server: AmazonS3
age: 1200644
etag: "72d9dc6a1107d8fb8f0614c8fe3006a4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 22182
x-amz-cf-id: jW63SXtiJUbid-52AkEMRA6aE2bdnthcDWOyl3TCwZ99IO4NR_dPAw==

GET
H2 200 2333941178.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 18 KB
18 KB 167ms
69ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2333941178.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce0c7d32f170b7bd99bb13054d541aa0e148765b818ebb839fc06ba205f7c9cd

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 07 Jun 2021 11:12:22 GMT
server: AmazonS3
age: 1998383
etag: "8c1fa10c1df60549cbe30f361caf5c13"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18344
x-amz-cf-id: ouPdKdVAwsuS5vyKQqw-8TZO1lULxgIIvn9Z9R7y6i7yOYFMH-mgjg==

GET
H2 200 2326996265.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 15 KB
15 KB 182ms
85ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2326996265.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2d493880a2dc3a251460ef4b1d97e29682f92165b4a3594eb895263752966df

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 13:25:40 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jun 2021 12:14:11 GMT
server: AmazonS3
age: 181371
etag: "141a41a570f28729f8e9c0e5e5d8ec03"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 15338
x-amz-cf-id: 4VDbMcSC22XhpJQcRkLCEsn-3YIVsT5Eencgn-GFMs86suI1VxPeMA==

GET
H2 200 2292077740.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 50 KB
50 KB 131ms
71ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2292077740.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64eec022883d7979664691a9fbe1b077c8288e0d4e08ad847dd73efbffb10603

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 09:05:28 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 18 May 2021 13:05:45 GMT
server: AmazonS3
age: 1147383
etag: "e0a9f464da6fd70b51be285295490adb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 51082
x-amz-cf-id: 6LtjXr4xYF1qamtKxb3gHDBj40YBg78_EtSyu96RblTn3oxtDyEnag==

GET
H2 200 2289310942.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 22 KB
23 KB 49ms
41ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2289310942.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e36688f50451e7fa9efbb5dfd2916a0aea8a26adae312ac7dc1b79951c10e39

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 07:58:32 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 17 May 2021 12:43:12 GMT
server: AmazonS3
age: 2620199
etag: "5b6d638906b52c5bcb92c272b56164dc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 22834
x-amz-cf-id: VJGUEJt9WiqX6L8NaOUgcOlchPm9l9ha-umqJ2Qyz2KgVZMyXGlqRg==

GET
H2 200 2286804262.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 21 KB
21 KB 53ms
44ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2286804262.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dffa9944f85400a88e322e5ef6465b5e1930c526aad5524aa7444935e91317a5

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:35:59 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 09:47:04 GMT
server: AmazonS3
age: 3165152
etag: "03c07422bff2fb60421813e62d62f778"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 21373
x-amz-cf-id: XNV7THi4QpZzqeMs6AM8rXYfb_8cGYjAhFSQIvjiLzZKGPMtdc1jGQ==

GET
H2 200 2268257479.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 20 KB
21 KB 61ms
52ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2268257479.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad59a5a6b59a97bb2e46daadcd01a8e5366fb1513e71ecd9a055d7d6611f45a9

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:05 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sat, 08 May 2021 15:41:31 GMT
server: AmazonS3
age: 1998386
etag: "75cf21a50932e90be0e088464a2e89df"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 20721
x-amz-cf-id: 49YuZEp92p_zTcjM0Hh5r-EHdSjbdWcS0jgmdKQ0azN1fm0wiMyTsg==

GET
H2 200 2268229632.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
24 KB 62ms
53ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2268229632.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad0a497ada041aea5414d6819439957d936ead1e4f0d1b49ceffceb5bda8a3a

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:47 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sat, 08 May 2021 15:16:32 GMT
server: AmazonS3
age: 1200644
etag: "9d698dcf28add390380834c56f12d89a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23700
x-amz-cf-id: rF8K0fSpK9NVsknGVJRzRlpDPKum8OcIFFWIIp4Dr12kSjNN7Qdhcw==

GET
H2 200 2262535770.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 18 KB
19 KB 63ms
54ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2262535770.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5d0628e911bede03fa2a96368ead88f5fa71904772b867d4428503fdacde0f3

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:00 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 06 May 2021 11:20:55 GMT
server: AmazonS3
age: 3165151
etag: "d68b0526728e485481acc0097be88bf2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18891
x-amz-cf-id: g4lKFefeqWpma1DM75Gflmg9kUNkbXfLc-3CuGQjXQaTU_5V0G1WZw==

GET
H2 200 2260401832.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 18 KB
19 KB 64ms
55ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2260401832.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16da15aa6e405fdc34f5db5c23f9f000db59c0690afd9bb33cca32eeb699682c

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:47 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 05 May 2021 14:59:42 GMT
server: AmazonS3
age: 1200643
etag: "587a9198ef0668323bef32694a0b83f9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18573
x-amz-cf-id: 84iBVZ2INrfVoKug-MiA39s6RqJ2VXwf2hBSYOFqE60jhu1FEEdFcQ==

GET
H2 200 2241613804.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 25 KB
25 KB 65ms
56ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2241613804.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47cace1d6871bfe05d91b009931d496fb7bd6d68d656550dce95818f9f053356

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:47 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 14:45:51 GMT
server: AmazonS3
age: 1200643
etag: "488155dd29f3bf982dee50f2fa5f947f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 25675
x-amz-cf-id: 5jjGMHqc8PicQMcHDB1_Q42ELVTYqHgRiQ80rnyYs18jY_3SnbCRiw==

GET
H2 200 2241604459.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
24 KB 67ms
58ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2241604459.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 299f076b3c5588b631445c20bfb228e53f1fea573910ee6552711851f408c23c

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:48 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 14:45:06 GMT
server: AmazonS3
age: 1200643
etag: "8503bffacf7d42f1cb45f62cdfcbc733"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 24329
x-amz-cf-id: TDFf4lAF6TlAXatMHJhTDRAL0netbq1wQTW4NViR1lKgRFiq6qpVdg==

GET
H2 200 2227899696.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 22 KB
22 KB 71ms
62ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2227899696.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4aa77ac0416c0114af8b99df46c75fa94ad61a9e16a48c1e8ff0f45cb564d52

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 06:10:18 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 23 Apr 2021 13:17:25 GMT
server: AmazonS3
age: 2626693
etag: "97472f95956004dc25ad9f1969449e23"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 22244
x-amz-cf-id: seaJIF0o7vAV8gLCy-DC_9tjcgIkwExWCUY4Z7fSxXDwucc9PhzISA==

GET
H2 200 2226072192.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 22 KB
23 KB 72ms
64ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2226072192.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40b569995131e7d1d8a6c2ef0b6b824789a773eec08d785865c113633c448b18

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 11:56:16 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 22 Apr 2021 21:39:47 GMT
server: AmazonS3
age: 705135
etag: "dfef4e96aa59c4189360db6e61945022"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 22754
x-amz-cf-id: ZuAlfFRQ4LM0zFBiTePHhe-F9fcuCW2k9wjY_IZB4FbY3oOhwqqM4g==

GET
H2 200 2172594917.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 27 KB
27 KB 76ms
67ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2172594917.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9df2e8e636d2f6fe9edf0e6195a97ddc9fd742da9b1ef56dd9dc15dfc24418a9

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 11:12:04 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 09 Apr 2021 16:20:16 GMT
server: AmazonS3
age: 2608587
etag: "a4856c7c7770171fab8da47cd76fc225"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 27163
x-amz-cf-id: WMfmca05kwg4POMN-WlEzD_a9q47oSFMxoV2aOmzWCH9knGi5rt7eA==

GET
H2 200 2156895645.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 20 KB
20 KB 77ms
68ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2156895645.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed5765ba52c79f33c9cb03fa9bdad21e0f33bc188a1d430f9365699d8fda654d

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:49 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 05 Apr 2021 11:09:00 GMT
server: AmazonS3
age: 1200642
etag: "02b6f46d1bd21b588560a48f1f9c6896"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 20362
x-amz-cf-id: FvgktPUiagQ6ORtdJIVegKvaRkFDjzVLlFbewh034Tj4E1t1n5UTUQ==

GET
H2 200 2148252563.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
24 KB 81ms
72ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2148252563.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7828f4ea1c13f7e062160c7fcd15eb48c9dfbd7498a670f618d6b755dfd562f

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:33:23 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 01 Apr 2021 21:16:18 GMT
server: AmazonS3
age: 3939308
etag: "b87f0b25aff0a4a9ac3c446063213634"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 24491
x-amz-cf-id: Vg3NRceb5xMl_WE5im_k2CznRj-ohXBpR-XagfgFW6jhzRcUN2cZHw==

GET
H2 200 2148134358.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 18 KB
19 KB 81ms
73ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2148134358.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f660caf5215cf88f5393d38d2153bee465ab11b2c9694b988b757ffd8ca7326

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:38:54 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 01 Apr 2021 20:33:24 GMT
server: AmazonS3
age: 806977
etag: "01b4a615e55f5a3f53d7509001ffb8a0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18610
x-amz-cf-id: oLBBax-H1w2Kw_OY2sC17Gb3wdnzb3DHSG2ASnRBcUJG0VVxrHFEdw==

GET
H2 200 2147911203.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 21 KB
21 KB 82ms
74ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2147911203.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aaefc893ba7cd0a964810b7923f85d6345c1f91df3c3e88e0f46937abb162d98

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:02 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 01 Apr 2021 18:23:23 GMT
server: AmazonS3
age: 3165149
etag: "fa68af55ba4bf3c5151c61590005a738"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 21214
x-amz-cf-id: roqxLUNZJtW-FnmmWxgRAcuxXKPW0rgnG23eoekDlJyl7s1rFccByw==

GET
H2 200 2147871226.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 21 KB
21 KB 83ms
75ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2147871226.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19e37d15284ee5cd6fb864e73bfee952e1fa9d2174dd257a0045a8281df67a86

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:38:54 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 01 Apr 2021 18:10:08 GMT
server: AmazonS3
age: 806977
etag: "fcbb3cbfa0d01598e921dcad8e1ed75b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 21239
x-amz-cf-id: QR75SwsYFxG8lmIWyIKl7sJiJFbqqC9NPh5hc5vSUVmOx65TdBM1tg==

GET
H2 200 2130733624.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 18 KB
19 KB 84ms
76ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2130733624.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5d69bbcce4c1cde21dfad4641b64ed8908c705cf3bf167001a806fab5137740

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sat, 27 Mar 2021 10:06:30 GMT
server: AmazonS3
age: 798700
etag: "3a182c266494ba552e25f2f2c5bc8146"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18766
x-amz-cf-id: psSBN1RGUjdA2ObGjQY0SUuUMooCVic1iHZGEiHJhNhaT6xgU_diCQ==

GET
H2 200 2126847478.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 26 KB
27 KB 85ms
77ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2126847478.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38fb0acdec490c31e3943ca173a05025af91459eb0210d6debc451347d6096aa

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 25 Mar 2021 20:06:42 GMT
server: AmazonS3
age: 798700
etag: "2bb13b090694a1c0bea478610da7bd66"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 26753
x-amz-cf-id: gtwnWj0mPrJ4h8Jpjy59prxb3LhC11rt3Fw583fFutuR_qw72_fgDQ==

GET
H2 200 2117338043.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 21 KB
21 KB 92ms
84ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2117338043.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2c560e78b478d914f44d979474e9e563154675a346a3797ea9436d31976ee75

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:05 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 18:58:06 GMT
server: AmazonS3
age: 1998386
etag: "3bc4eebd2a6ff1327fdb9867f3e3f4d2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 21618
x-amz-cf-id: VBTQbjVXY4dxbUdKCW8C69B-n5vfsPfytQYRqGff_xLFvKZAsKInFQ==

GET
H2 200 2099838196.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 17 KB
17 KB 112ms
103ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2099838196.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57811d35963fb72200c505b6cf3c3ae5bf001da1616dd22f1219e0595a9b7bc2

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:49 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 12:57:07 GMT
server: AmazonS3
age: 1200642
etag: "b99531012ec3a816e4bf67b19319abcd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 16989
x-amz-cf-id: x8xd47S-eiQJCt9bwZboLsNlPgaBVtI_ZG1WLnv8GP_1cnDcIHExFQ==

GET
H2 200 2087396487.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 27 KB
28 KB 93ms
85ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2087396487.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcd0d3ed3dcd01498b62bfcff4e9b8919f5357995e37240f7b809e679b5dc72a

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:03 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 08:36:43 GMT
server: AmazonS3
age: 3165148
etag: "459633e8b1c67f52ecf3e35f369d69f4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 27798
x-amz-cf-id: GUcI26fgwZQr5Uimot2OrQw_nm5ZCSpRqtPYvAS8HbLKhr7mbr1UMg==

GET
H2 200 2082038996.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 13 KB
13 KB 102ms
94ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2082038996.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c142116acfeb5a5b97068987d7edfe38920d51e59a004d3542b90c8cdc55a0bc

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:49 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 19:37:04 GMT
server: AmazonS3
age: 1200642
etag: "88a376bba4ce6bdc3eb51696d2927147"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 12897
x-amz-cf-id: MQrBpg6u_tXc_RZfysHxlYHXtDNplN_a3kiAWs7BJTn8by-3biiFPw==

GET
H2 200 2081022733.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 20 KB
21 KB 102ms
94ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2081022733.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4413f4bb72d15fbdbf6d9b12930f3a42c7670d0d4823e3aacefa6ad94df85b92

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:38:54 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 12:21:08 GMT
server: AmazonS3
age: 806976
etag: "234ba607604ddd6a024f43fba7255977"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 20877
x-amz-cf-id: niRQG8mLTqT_nWxOotarFNO1HkN4YF7JpOWoo0oK5Mc2D1ggUnX2jg==

GET
H2 200 2080492475.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 17 KB
17 KB 103ms
95ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2080492475.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c71eb95d3044f28539593b358eb1b1a2f787212050622cac7cb16dab4f878016

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:38:55 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 09:20:33 GMT
server: AmazonS3
age: 806976
etag: "c1f34326fd9c0abc8dd8797506c1b496"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 17274
x-amz-cf-id: uv5vjuoe6SRWU6picQLOOLqJAqAtTVZeJ-odHXg2c-qa0ZuSqStGVQ==

GET
H2 200 2077899977.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 21 KB
21 KB 103ms
95ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2077899977.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dab3eb9d69e33f7403c996133ec252a213e2dabe473d759775d1aeb2ed848b8c

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:50 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 09 Mar 2021 15:17:06 GMT
server: AmazonS3
age: 1200641
etag: "bcda22ab5a62668d3ec7675650d54004"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 21130
x-amz-cf-id: vG4JDHeeuqjWHTj3s1S3SObcGj4qz6BIpV2-9uaXD3Cv27eKrl8t2Q==

GET
H2 200 2065910207.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 27 KB
27 KB 104ms
96ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2065910207.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73b4d861db575a89dbec8b109d9eed31c1aec249694bcbd238e7e532e2e723fd

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:04 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 05 Mar 2021 13:06:18 GMT
server: AmazonS3
age: 3165147
etag: "b144c9738901f7cb3a47d1ed80ef31b3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 27203
x-amz-cf-id: q-CAGthYpkv-eF0cY8zhO2gFuJJFrTyaPTi-P-_s29VfdCtIHMXnng==

GET
H2 200 2056425685.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
24 KB 104ms
96ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2056425685.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d49380623ce55b9f88bb80d034292186db3a18965fa9c14dbd0c8b629a3198b

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 11:12:04 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 02 Mar 2021 11:01:28 GMT
server: AmazonS3
age: 2608587
etag: "12ff43f80ca750909ed4bd19789aec62"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 24361
x-amz-cf-id: 0x1ypqyBRtHEd6YE7KxSosS9jf1pi42UMSAstH2Nis74io68a752cA==

GET
H2 200 2052794054.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 19 KB
19 KB 106ms
98ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2052794054.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea74caa02349eb87721df87181928ccf626445beba1e49185aa30aee1417eaaf

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:04 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 10:38:54 GMT
server: AmazonS3
age: 3165147
etag: "827e7d6658b03b27aed02d039d9d0842"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18999
x-amz-cf-id: M3TzArqFe768x5-4aEZg7bQAADtTVmD7y3thWAK-W8tGpU-dp8QasQ==

GET
H2 200 2050025717.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
25 KB 110ms
102ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2050025717.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa20d56677ffad13a3d05d2b954b5a872ff5cf902c6ce8b374ecaf62f0949d68

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 28 Feb 2021 10:05:04 GMT
server: AmazonS3
age: 798700
etag: "f04a8c2bfe3a6e0a390f012f45dfd4b1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 24770
x-amz-cf-id: kMj9lCyANaj6c0wWWn2TBsNKdsLzPiBACoAQe3NENcEhoyrL7yfCTQ==

GET
H2 200 2042213438.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 18 KB
18 KB 107ms
99ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2042213438.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 987ecf2b25f10b5eaabd09e48df6dfd5b8739a79ea0ae887317798fcaaa83a98

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 25 Feb 2021 10:04:28 GMT
server: AmazonS3
age: 798700
etag: "2cb9c510122ffcb370e0ff8ede95e794"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18299
x-amz-cf-id: 1ntVQSCXjUW7nFQsZUIiZ8yMf0ziGb86kBH8Dld1FMhZs4RyofTxBg==

GET
H2 200 2042418329.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 28 KB
28 KB 107ms
99ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2042418329.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8de8a317421636f96a47537ffa3d36a4e3f9a28af23be750a4c291de152bac21

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 25 Feb 2021 11:29:56 GMT
server: AmazonS3
age: 1200640
etag: "57acd0448ed1c8e1b9cfb7ede0ea48dd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 28438
x-amz-cf-id: qw-3-cqNK6p4UQmJzByrCZ5pUzIQnMYJ0EbkT4An39MjQ_Ioj6zG9w==

GET
H2 200 2033230373.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 18 KB
19 KB 109ms
101ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2033230373.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 216aa86951eed9d7b7ea45c2498c818986f8bd87591fc9a46f6e37813080d778

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 21 Feb 2021 20:36:30 GMT
server: AmazonS3
age: 1200640
etag: "48516ed7e317b5a4885099ea31109d4f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18813
x-amz-cf-id: sYLFGl19WStOjuCrKd1Poxk5jGxC3RtcEQiYDsU2Zdj7RAqJ3iQVVg==

GET
H2 200 2023997101.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 22 KB
22 KB 111ms
103ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2023997101.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9934015919c242c6cf20cda6c96a85e19f86343d413dcf8d6a121197ab4da3a

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:05 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 18 Feb 2021 09:59:23 GMT
server: AmazonS3
age: 3165146
etag: "acbc375b35fa513a1d21674148944ee5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 22520
x-amz-cf-id: t8SRCdO-WQ3ZBC13ykYvmaDm2N5TYF0YBRRXjH9njyFQlA3T0DgSSQ==

GET
H2 200 2000063076.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
24 KB 114ms
106ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2000063076.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2093650b5b24f38bbedffd238a225f9d607181fc822b0b4ed302ecf8a7a288ce

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Feb 2021 17:22:22 GMT
server: AmazonS3
age: 1200640
etag: "45f6d8e42b730c5dba25da358658cead"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23982
x-amz-cf-id: Jx7dBc24nwZAV1y7jN14OwZc1efzlDWfHk9fsXOm3_9FHaAjDxkirg==

GET
H2 200 1994973700.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 20 KB
20 KB 114ms
106ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1994973700.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36393a51e7cf62e69dd1dd3be6a98945bd9f40b038900f1b893b09819527ead7

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:06 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 09:30:17 GMT
server: AmazonS3
age: 3165145
etag: "2841e9d598cae6698220269df2e70caa"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 20309
x-amz-cf-id: 1lysqoQQSiJ9FAALkoN9Oesvj2sx5m10ukqBnTjspjW1GUEGNAahlQ==

GET
H2 200 1976564044.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 25 KB
25 KB 115ms
108ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1976564044.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d1894876e60e8efac9bb0004e8446c75f57d0a7a0e92a646ef868d8edc65728

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 13:25:42 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 03 Feb 2021 10:58:56 GMT
server: AmazonS3
age: 181368
etag: "78a440e392bfb400966c30060478bac7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 25123
x-amz-cf-id: IIy3isH7WsI1g3EIoHb_pDO_cRboG1NN-_rPs9fsVHrhbdz_S7qsBA==

GET
H2 200 1972911509.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 19 KB
20 KB 116ms
108ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1972911509.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a698969c671ac1a096d6d9e598220f1643442fb6d617c7b3afaed13b1fa2131

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 11:12:04 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 08:55:47 GMT
server: AmazonS3
age: 2608587
etag: "3a8b501fb1541a53b825afc328dd10cb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 19842
x-amz-cf-id: or2Aktewx9BELnQoK_Osfss_LYeY5tpH92LG7WKDMXnauFVWs9APag==

GET
H2 200 1967702878.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
24 KB 118ms
110ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1967702878.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9daaf6a99d8c7256a8d39853f5529ae92a3704423e6d627a3e496ba04e71e62d

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:52 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 31 Jan 2021 11:42:14 GMT
server: AmazonS3
age: 1200639
etag: "5b47de8210400ff1c6df790795232812"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23718
x-amz-cf-id: Qb3k5fT62jMyKBXgYzsV096NrL2ogOfwZv8-w0uymxWd6i_xjc_9MA==

GET
H2 200 1967805041.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 19 KB
20 KB 117ms
109ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1967805041.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69aa2a4522ea8a79c18dc0277497413e47a9090f2e65cbc98577bae67b5632ab

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 31 Jan 2021 11:37:05 GMT
server: AmazonS3
age: 798700
etag: "fdbb0355d53d314d071016be67ca92c0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 19882
x-amz-cf-id: NovHklmzv4-xUDUh27LtGVpYCilhyWpklaY1A4lkVkU-pT-Tf_hjAQ==

GET
H2 200 1967702742.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 15 KB
16 KB 123ms
115ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1967702742.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95c12caeceb7bfb2b4864398e304b19ada0e62ba4f49ee6a18539ab7db06e15c

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:52 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 31 Jan 2021 11:28:44 GMT
server: AmazonS3
age: 1200639
etag: "04d8909c78e033b67d9757cbe714a994"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 15748
x-amz-cf-id: ISSNoKB6S0pD-LXQvk2HJsq9hzV8mu4FD25pz4qTKeIakTdnT4nk9Q==

GET
H2 200 1963203459.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 20 KB
21 KB 123ms
116ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1963203459.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ecd5ea9ef0c2a0fa80026966eb9739912fa1f61fa4bee79db9a1ad979744470

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:50 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jan 2021 15:59:28 GMT
server: AmazonS3
age: 798701
etag: "827e2b1b261deff8ac1dbfefcb816f7f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 20703
x-amz-cf-id: XC9S_2RSbnPfYf75J7B7N2jqgYlGvu_bLzqNyyQXi9yH-uths2sx_A==

GET
H2 200 1947644147.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 27 KB
28 KB 125ms
118ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1947644147.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3852b70a923432b03d32edf2d32f3a66ffdc3d0d136d2023cc00c870b4ca097

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 24 Jan 2021 14:49:01 GMT
server: AmazonS3
age: 798700
etag: "7ffeca13240a3b588a0d1de5d707219e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 28002
x-amz-cf-id: tk1v2pGGJU7GUgJdARDk8PUtrGsY3gDAW6GC0u134-TukzPhU1nrYw==

GET
H2 200 1890278869.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 21 KB
21 KB 127ms
119ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1890278869.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53454fb170d4a873be79bb3fa37447a64f994b78f4a276e66d3a3c6a8f1dd097

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:52 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jan 2021 18:20:42 GMT
server: AmazonS3
age: 1200638
etag: "107ae8f1136c9d1370c76e193a95da6a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 21073
x-amz-cf-id: YIYefseQJYYdQdfOZxIzQiQIMKu8VrbWmfh6xbUYd532ta_anmUTOQ==

GET
H2 200 1849998701.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 41 KB
41 KB 127ms
120ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1849998701.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c789eec815ff37afa447e381d40faaee3c79e18a2dd21e391510470a89add4bf

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 16:01:37 GMT
server: AmazonS3
age: 798700
etag: "f8ead75287cc2e62f2a295e52e829a43"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 41774
x-amz-cf-id: zYj8MqZ-Evl6pNVQ0L1Si3afxIXu4uam3FRdb1vXzhKmfr3Odxvvhw==

GET
H2 200 1798543382.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 26 KB
26 KB 130ms
123ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1798543382.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 342ce775dd6a845824c50cef855d4a835714019af703a1ed5bd3f6f748be3523

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:38:56 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 12:48:04 GMT
server: AmazonS3
age: 806975
etag: "dafa9b17ac9d625da2656331182a9c3b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 26476
x-amz-cf-id: lUOnhAa_JsEe_UWO8JsWdSmaRi2TNr0wrTe9MZQ3Tglg3oDiL8k8rw==

GET
H2 200 1796348817.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
25 KB 129ms
121ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1796348817.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6c603ed33f28c9811402ee922568d41a06e7ba28af188ca9bdf9ab9feb6174b

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:07 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 24 Nov 2020 15:30:11 GMT
server: AmazonS3
age: 3165144
etag: "4435bea725da04a80ec2bb6062389195"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 25038
x-amz-cf-id: nWTC1D8v3dizVCy8hd8RLCjCcfL3B4mRBO1oi3-uGNcqb2UNblqdDQ==

GET
H2 200 1778099032.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
24 KB 136ms
129ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1778099032.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 159bae2eb92b11e89acede38c7891d9438142fa919a3e237ddcc84b803068589

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:41 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 13:32:03 GMT
server: AmazonS3
age: 798710
etag: "a4d959fc0c664965d4b7953d07287796"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 24135
x-amz-cf-id: RQWVbnCfzcGRjLoLr7986hqc5x_SXseLCNQX6aItK_egdJ5qGdOjNg==

GET
H2 200 1776303540.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
24 KB 131ms
124ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1776303540.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5e55efe212109777cf599ac832582d0b1121704917afe6e598219bcfeb7f43f

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:38:56 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 15 Nov 2020 11:42:13 GMT
server: AmazonS3
age: 806975
etag: "969eefdcaaa4150f88028a40e978576e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23897
x-amz-cf-id: 7b1OypHpTcG48OPA8FyzqfnjKY28HBYns384WDxMGrdakVRuzzxpKQ==

GET
H2 200 1763490567.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
23 KB 132ms
125ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1763490567.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b60b8221d853ed0edf3dd19c90b0d713f7c8a5423f1cb04d47d9bb348b71629

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:17:53 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 09 Nov 2020 11:30:25 GMT
server: AmazonS3
age: 1200637
etag: "b5b06ee74ce76794bf7b9be6dea0da02"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23304
x-amz-cf-id: sE4SM2qNN-8cU5z6j1I-CSLxZfjUvMhd5xZl4cbuA1ibMjzSCCEXtg==

GET
H2 200 1720042974.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
24 KB 133ms
125ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1720042974.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fb62cb10b254746c2c30036621eb112960a6e95fbcce9eb5edab8b61d089ad8

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:50 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 22 Oct 2020 17:08:58 GMT
server: AmazonS3
age: 798701
etag: "ee51e70c96fdcd794d32a602eb68cf9a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23841
x-amz-cf-id: i7M-kLEUQ-7xPKUjBj0ljxhiAN6AIfLRkRDbwVnOPNBMDo5uIsRK2g==

GET
H2 200 1715878277.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 24 KB
25 KB 133ms
126ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1715878277.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7480d1c800c24f7949bfc09ae816a43923d020d169da36678bebdac4de8ceea

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:36:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 20 Oct 2020 08:44:05 GMT
server: AmazonS3
age: 3165143
etag: "882f36dff8774a185621662429c7e9f9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 24903
x-amz-cf-id: ndwd097QDK6xpMGMfQ9gOI7Sg1Lk8VAESiPRtjTdr_tHKfJYpMg_-A==

GET
H2 200 1600986332.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
23 KB 134ms
127ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1600986332.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c20b52abd6276eadcaeb7e69c43a0d381c957b97bdb7c3b1e8823b4b777a00c6

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 09:05:32 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 18 Aug 2020 13:07:23 GMT
server: AmazonS3
age: 1147379
etag: "285477b3646fb582e2a619d5ae0e06ab"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23408
x-amz-cf-id: 5dOul5NgXhRbTd2CMXzUD0kuBa85Z6JGQsF0Cv9Jd3m9uy_C1iYFSA==

GET
H2 200 1578781565.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 23 KB
23 KB 134ms
127ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1578781565.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa41555ce7d1f7330f85796dfda2950eabb1bf320d82bad637b1f023eea8d889

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 07 Aug 2020 06:04:41 GMT
server: AmazonS3
age: 798700
etag: "2b215f0ed0ba20c44380b09de31eebd4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23544
x-amz-cf-id: vLLukq9AicTSnN8md22nnfhH864cBj0m4E4YV-ej7Ak4n8uJGAnMHw==

GET
H2 200 1549718264.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 13 KB
13 KB 135ms
128ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1549718264.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4db96363dd835662f6ed67c4f903aeceb027ba452aa87b05227c76360513aea6

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 09:56:51 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sat, 25 Jul 2020 08:39:03 GMT
server: AmazonS3
age: 798700
etag: "be847c34aa53034b21e0cfdee32c9246"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 12811
x-amz-cf-id: HEjly1x8fH151sECsd-L7DHneNOEM1149SeSoG1IMPG3EOenUW1yuQ==

GET
H2 200 drive.js Show response
click.driverfortnigtly.ga/ 1001 B
1 KB 160ms
34ms Script
application/javascript 45.9.150.63
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://click.driverfortnigtly.ga/drive.js?ft=ms
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.9.150.63 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software: nginx /
Resource Hash: c386ca8291273295d570b147809a62712bc6dd17fc85d56acf3901b6e2a3ad52

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
last-modified: Fri, 23 Jul 2021 18:05:26 GMT
server: nginx
etag: "60fb04e6-3e9"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

51euTWdrr0L._SL250_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-eu.amazon-adsystem.com/widgets/q?_encoding=UTF8&MarketPlace=GB&ASIN=1526720418&ServiceVersion=20070822&ID=AsinImage&WS=1&Format=_SL250_&tag=thebulsho-21
https://m.media-amazon.com/images/I/51euTWdrr0L._SL250_.jpg

14 KB
14 KB

73ms
31ms

Image
image/jpeg

2a02:26f0:6c00:286::108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.media-amazon.com/images/I/51euTWdrr0L._SL250_.jpg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:286::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Server /

Resource Hash

061ce6c8068f9b1d91aeb1df611926a49300608287c9e49ee8190ecf7d5096d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: https://www.amazon.in, https://www.amazon.com
date: Fri, 06 Aug 2021 15:48:30 GMT
surrogate-key: x-cache-458 /images/I/51euTWdrr0L
last-modified: Thu, 07 Sep 2017 14:10:54 GMT
server: Server
strict-transport-security: max-age=86400
x-cache: Hit from akamai
x-nginx-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=630720000
x-amz-ir-id: e11232ab-9bd2-44f6-9793-82ecf88c134b
accept-ranges: bytes
content-type: image/jpeg
content-length: 14453
expires: Thu, 01 Aug 2041 15:48:30 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51euTWdrr0L._SL250_.jpg
Date: Fri, 06 Aug 2021 15:48:30 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET
H2 200 sharifycounts.js Show response
bullshireonline.com/wp-content/plugins/sharify/admin/inc/ 804 B
966 B 37ms
17ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/plugins/sharify/admin/inc/sharifycounts.js?ver=1.4

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

fc811078e34ac8cf45084ddb500d1a4a75a26572664f8388489c63bbc81c2376

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/plugins/sharify/admin/inc/sharifycounts.js?ver=1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224714
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 454
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 25 Sep 2016 08:13:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation.min.js Show response
bullshireonline.com/wp-content/themes/tortuga/assets/js/ 2 KB
1 KB 37ms
18ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/js/navigation.min.js?ver=20200822

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

294250100f6d8e424a4e75c49539f5281bd308b22039e01f1cc86f94dee17e79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/js/navigation.min.js?ver=20200822
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224714
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 705
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
bullshireonline.com/wp-includes/js/ 1 KB
1 KB 37ms
19ms Script
application/javascript 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-includes/js/wp-embed.min.js?ver=5.8

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224713
x-cache: cached
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 765
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 41ms
19ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 981
etag: W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 67a968e8f83a4db8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 09 Aug 2021 15:48:30 GMT

GET
H2 200 tcc_l.combined.1.0.6.min.js Show response
img1.wsimg.com/tcc/ 12 KB
5 KB 137ms
59ms Script
application/x-javascript 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2017 16:26:41 GMT
etag: "52ef5c943baad21:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4564
expires: Sat, 06 Aug 2022 15:48:30 GMT

GET
H2

200

tti.min.js Show response
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

24 KB
8 KB

42ms
37ms

Script
application/javascript

2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 247, 247
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
x-amz-request-id: VP8MMSVFK992J1PT
x-edgeconnect-midmile-rtt: 15, 15
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 7498
x-amz-id-2: WPdzJfQDQyS4hD+xuYsG8/XIlDF8SfFW6fY7TywWHFwCrHZxYW7+fWZzjZljcKq0iGAfdR/ixq8=
last-modified: Wed, 16 Jun 2021 21:48:11 GMT
date: Fri, 06 Aug 2021 15:48:30 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
date: Fri, 06 Aug 2021 15:48:30 GMT
cache-control: max-age=5
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0
expires: Fri, 06 Aug 2021 15:48:35 GMT

GET
H2 200 genericons-neue.svg
bullshireonline.com/wp-content/themes/tortuga/assets/icons/ 27 KB
28 KB 35ms
30ms Other
image/svg+xml 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/themes/tortuga/assets/icons/genericons-neue.svg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/themes/tortuga/assets/icons/genericons-neue.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES:Forced
x-backend: local
age: 37977
x-cache: cached
x-sucuri-cache: MISS
vary: User-Agent
content-length: 28006
x-xss-protection: 1; mode=block 1; mode=block
x-cache-hit: HIT
last-modified: Sun, 18 Apr 2021 20:59:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6d66-5c0457ed5bb36"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
bullshireonline.com/wp-content/fonts/open-sans/ 14 KB
15 KB 32ms
28ms Font
font/woff2 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/fonts/open-sans/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/fonts/open-sans/mem8YaGs126MiZpBA-UFVZ0b.woff2
pragma: no-cache
origin: https://bullshireonline.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: bullshireonline.com
referer: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://bullshireonline.com
Referer: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224713
x-cache: cached
x-sucuri-cache: HIT
content-length: 14380
x-xss-protection: 1; mode=block 1; mode=block
x-cache-hit: HIT
last-modified: Sun, 18 Apr 2021 21:00:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "382c-5c04580f494ad"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
bullshireonline.com/wp-content/fonts/titillium-web/ 12 KB
13 KB 33ms
29ms Font
font/woff2 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
pragma: no-cache
origin: https://bullshireonline.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: bullshireonline.com
referer: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://bullshireonline.com
Referer: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224713
x-cache: cached
x-sucuri-cache: HIT
content-length: 12356
x-xss-protection: 1; mode=block 1; mode=block
x-cache-hit: HIT
last-modified: Sun, 18 Apr 2021 21:00:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3044-5c04580f9638b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
bullshireonline.com/wp-content/fonts/open-sans/ 15 KB
15 KB 33ms
30ms Font
font/woff2 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bullshireonline.com/wp-content/fonts/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/fonts/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
pragma: no-cache
origin: https://bullshireonline.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: bullshireonline.com
referer: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://bullshireonline.com
Referer: https://bullshireonline.com/wp-content/fonts/cd37ee9d3ce5cf22ed2a63f5b0f3ad98.css?ver=20201110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:29 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 224713
x-cache: cached
x-sucuri-cache: HIT
content-length: 15056
x-xss-protection: 1; mode=block 1; mode=block
x-cache-hit: HIT
last-modified: Sun, 18 Apr 2021 21:00:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3ad0-5c04580f73987"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Origin: https://bullshireonline.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 new-frontend.en.-2097932478.js Show response
d2scn539ulxr09.cloudfront.net/rosetta/translations/new-frontend/files/ 207 KB
56 KB 176ms
121ms Script
text/html 13.225.84.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2scn539ulxr09.cloudfront.net/rosetta/translations/new-frontend/files/new-frontend.en.-2097932478.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-72.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6375d4a9aa6b166535037067fee56595681a6560b73296ec562c8d37f89c21e2

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 17:05:00 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 17:03:22 GMT
server: AmazonS3
age: 81811
etag: W/"616ed8501eb3cd7ed80042365a000717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: tMLU3lu9MTcHJNNdn0coxTbvSURjSs2C
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
content-type: text/html;charset=UTF-8
x-amz-cf-id: 794ZM6TddSSj_Ifnvi8Vrc76Gmvdmc_6KncHhTON8RodhRFp55Z8kA==

GET
H2 200 ecwid-storefront.1821cbf9fe5eaf38f0e9505b43d574c7.min.js Show response
d2scn539ulxr09.cloudfront.net/venera/static/ 909 KB
207 KB 155ms
102ms Script
application/javascript 13.225.84.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2scn539ulxr09.cloudfront.net/venera/static/ecwid-storefront.1821cbf9fe5eaf38f0e9505b43d574c7.min.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.84.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-84-72.fra2.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

fdb9724bbed79acd867eba87875e7291ae63471f2c2bbdfe9f9b8cabfa02e642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 04:55:54 GMT
content-encoding: gzip
server: nginx/1.19.0
age: 211956
etag: 1821cbf9fe5eaf38f0e9505b43d574c7
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: CLJBYnGJK_WLZFWWsf-wtd8wmdq3rsmsNKfd2C2GeSc_8XHGaZHMOw==
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)

GET
H2 200 states.js Show response
d3dq8sxcny4hg.cloudfront.net/ 68 KB
22 KB 63ms
15ms Script
application/javascript 2600:9000:21f3:ee00:1f:f560:8d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dq8sxcny4hg.cloudfront.net/states.js?hc=264330282&callback=window.ecwid_states_data.loaded
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ee00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ac344a7303f59b11c699f7f42b0d5fb9c380c1e829e68f801cbe0cec8a2a442f

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 12:24:56 GMT
content-encoding: gzip
server: nginx
age: 9602614
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
content-length: 21753
x-amz-cf-id: P7I6GQGKBEc8DqkzoXnpZgzxySr1baA2TWGIDRBzjqlERHjMnD5DHw==

GET
H/1.1 200
OK data.js Show response
app.ecwid.com/ 36 KB
9 KB 57ms
57ms Script
application/javascript 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/data.js?ownerid=9383088&callback=window.ecwid_initial_data.data.doInit
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5adea377e0fe5a36535cf7fbcbbd9bff8651b006ca145856112cdfaa8080a328

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:30 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 8541
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 i.js Show response
ecomm.events/ 5 KB
2 KB 359ms
120ms Script
text/javascript 18.211.81.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/i.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.211.81.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-81-84.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

cc30f7b46bc71c0888305e3e2ba268408505fc3918717626dbae49448ddf33cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 961FDC9B7C96FE2E860A7F1850C96EEC.cache.js Show response
d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/ Frame AE08 2 MB
452 KB 60ms
35ms Script
application/javascript 13.225.84.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/961FDC9B7C96FE2E860A7F1850C96EEC.cache.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-72.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e32e9741d47c69b01a71dc28e65fcd25fba749d304abccb059708881d50a34e5

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 14:52:15 GMT
content-encoding: br
age: 89776
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 461883
last-modified: Thu, 05 Aug 2021 14:36:06 GMT
server: AmazonS3
etag: "89ee1a1e30bdf13a9d6cad2f125bcab6"
x-amz-version-id: lLd3hkWVMAawND4y5.n81HhAhB0Z2feD
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: xlFtJnxmHjjMXY8F4GlT6MBcs3ir-WPuTVB4bKDOj3KGE9ykFHB_RQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77736897-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 716
date: Fri, 06 Aug 2021 15:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 06 Aug 2021 17:36:34 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/ 250 KB
93 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7280066409600771&plah=bullshireonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59cbfdef4f2a9a846d7f98276813927762f7f67851c64975563139d17d47620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95395
x-xss-protection: 0
server: cafe
etag: 12107374755789589264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 15:48:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame FE25 10 KB
5 KB 11ms
4ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 05 Aug 2021 18:33:48 GMT
expires: Thu, 19 Aug 2021 18:33:48 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 76482
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ecwid.plugin.js Show response
analytics.sitewit.com/ 3 KB
4 KB 301ms
99ms Script
text/javascript 2600:1f18:243f:2d00:a874:dd37:27b9:63ad
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/ecwid.plugin.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:a874:dd37:27b9:63ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 0f4962391b9596741409e70de4452d24cda1a1a5605ad85215ac0b1c14f2144f

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 3316
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 widgets.js Show response
static.zotabox.com/ecwid/ 893 B
660 B 498ms
478ms Script
application/javascript 2606:4700:10::6816:37d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zotabox.com/ecwid/widgets.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bfd149629ab51683ae226d39f8e675f9a6d14633849ac8907214c952642baf6

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 23 Jul 2021 10:41:29 GMT
server: cloudflare
etag: W/"60fa9cd9-37d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, max-age=3600
z-server: mariadb
cf-ray: 67a968e9ece84d8a-FRA
expires: Fri, 06 Aug 2021 16:48:30 GMT

GET
H/1.1 200
OK q Show response
ws-eu.amazon-adsystem.com/widgets/ Frame C912 14 KB
4 KB 162ms
38ms Document
text/html 52.94.216.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=qf_sp_asin_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1789014913&asins=1789014913&linkId=6dba419000e3436ea5d78437bd0f9b10&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 241b8a4a2a7360f474660b01ab99175d80684db959401ad1a8faf2f58a35be58

Request headers

Host: ws-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bullshireonline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

Date: Fri, 06 Aug 2021 15:48:30 GMT
Server: Server
Content-Encoding: gzip
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
charset: UTF-8
Access-Control-Allow-Origin: *
Content-Length: 3340
Vary: User-Agent
Connection: close
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK q Show response
ws-eu.amazon-adsystem.com/widgets/ Frame 2A12 14 KB
4 KB 163ms
40ms Document
text/html 52.94.216.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=tf_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1474606059&asins=1474606059&linkId=f337263b38ac5ffab6a88a9f005107a8&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a0c4064429d7902ad44fac5cf62f8927d8697ec1e56ca6db6c8b64557d497360

Request headers

Host: ws-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bullshireonline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

Date: Fri, 06 Aug 2021 15:48:30 GMT
Server: Server
Content-Encoding: gzip
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
charset: UTF-8
Access-Control-Allow-Origin: *
Content-Length: 3371
Vary: User-Agent
Connection: close
Content-Type: text/html;charset=UTF-8

GET
H2 200 Laser-Beam-Eyes-150x150.jpg
bullshireonline.com/wp-content/uploads/2018/12/ 15 KB
16 KB 63ms
27ms Image
image/jpeg 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bullshireonline.com/wp-content/uploads/2018/12/Laser-Beam-Eyes-150x150.jpg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

a245748d482185e8b9450e85faf4fae2b606f34fe75a060455c25345c521f856

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/uploads/2018/12/Laser-Beam-Eyes-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 205617
x-cache: cached
x-sucuri-cache: HIT
content-length: 15471
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Tue, 18 Dec 2018 09:00:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3c6f-57d481fd93840"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Police-Lorry-Closing-Road-150x150.jpg
bullshireonline.com/wp-content/uploads/2017/01/ 17 KB
17 KB 62ms
26ms Image
image/jpeg 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bullshireonline.com/wp-content/uploads/2017/01/Police-Lorry-Closing-Road-150x150.jpg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

1c4071cc1429ff51a8170a99ab0fe80857c90b429e5058d80a1dccdd15e34958

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/uploads/2017/01/Police-Lorry-Closing-Road-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 205617
x-cache: cached
x-sucuri-cache: HIT
content-length: 17401
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sat, 07 Jan 2017 20:46:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "43f9-545873a442800"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 A-Day-in-the-Life-of-a-Dog-Man-150x150.jpg
bullshireonline.com/wp-content/uploads/2018/12/ 15 KB
15 KB 62ms
27ms Image
image/jpeg 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bullshireonline.com/wp-content/uploads/2018/12/A-Day-in-the-Life-of-a-Dog-Man-150x150.jpg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

0be41b4a412f7a4fdb18122b614403f1b3406b0ccda5a10227e74a8b94ffda91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/uploads/2018/12/A-Day-in-the-Life-of-a-Dog-Man-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 205617
x-cache: cached
x-sucuri-cache: HIT
content-length: 15361
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Sat, 15 Dec 2018 16:28:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3c01-57d120b1ebb40"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Angry-German-Shepherd-150x150.jpg
bullshireonline.com/wp-content/uploads/2018/12/ 17 KB
17 KB 65ms
30ms Image
image/jpeg 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bullshireonline.com/wp-content/uploads/2018/12/Angry-German-Shepherd-150x150.jpg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

631c2a1cec54c119bfd02f87fb57665ece43d8814d151c0330d38025980c6e07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/uploads/2018/12/Angry-German-Shepherd-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 205616
x-cache: cached
x-sucuri-cache: HIT
content-length: 16927
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Fri, 14 Dec 2018 14:46:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "421f-57cfc7ea68b80"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Backs-of-Police-150x150.jpg
bullshireonline.com/wp-content/uploads/2018/12/ 17 KB
18 KB 66ms
31ms Image
image/jpeg 192.124.249.170
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bullshireonline.com/wp-content/uploads/2018/12/Backs-of-Police-150x150.jpg

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.170 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10170.sucuri.net

Software

nginx /

Resource Hash

0e4b72173488c51cd6a1f6fddaddd49333e288828cb28d1f4c91d80d23ff4501

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /wp-content/uploads/2018/12/Backs-of-Police-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bullshireonline.com
referer: https://bullshireonline.com/store/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bullshireonline.com/store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
x-content-type-options: nosniff nosniff
x-cacheable: YES
x-backend: local
age: 205616
x-cache: cached
x-sucuri-cache: HIT
content-length: 17644
x-xss-protection: 1; mode=block 1; mode=block
last-modified: Fri, 14 Dec 2018 14:11:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "44ec-57cfc027e7cc0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19020
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=699367433&t=pageview&_s=1&dl=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&ul=en-us&de=UTF-8&dt=Store%20%E2%80%93%20Bullshire%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=413659096&gjid=622246696&cid=2095971055.1628264911&tid=UA-77736897-1&_gid=1362430201.1628264911&_r=1&gtm=2ou840&did=dZTNiMT&z=817210344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bullshireonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
23ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=699367433&t=pageview&_s=1&dl=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&ul=en-us&de=UTF-8&dt=Store%20%E2%80%93%20Bullshire%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAC~&jid=1312963384&gjid=753309836&cid=2095971055.1628264911&tid=UA-77736897-1&_gid=1362430201.1628264911&_r=1&_slc=1&z=2047174012

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bullshireonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
663 B 92ms
36ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bullshireonline.com&callback=_gfp_s_&client=ca-pub-7280066409600771

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7280066409600771&plah=bullshireonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c42134f2ec66be2a5bba73d528c797481f7c2e670dee935b0601dfb87bec10b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6405 119 KB
37 KB 244ms
242ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&adk=3125035740&adf=3575477428&lmt=1628264910&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910283&bpp=4&bdt=291&idt=346&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2524259339848&frm=20&pv=2&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d24e7352e1b33d146f38ebb0a8f56248abc0b1b5d1c26369f5a68eaec9dcbee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7280066409600771&output=html&adk=3125035740&adf=3575477428&lmt=1628264910&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910283&bpp=4&bdt=291&idt=346&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2524259339848&frm=20&pv=2&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 15:48:30 GMT
server: cafe
content-length: 37849
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 16:03:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:30 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076391864921"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27992
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:30 GMT

GET
H2 200 new
d1oxsl77a1kjht.cloudfront.net/css/ 1 MB
101 KB 487ms
400ms Stylesheet
text/css 2600:9000:21f3:8800:1c:b536:2c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=776582121&ownerid=9383088&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2&color-foreground=rgb(48%2C%2048%2C%2048)&color-price=rgb(48%2C%2048%2C%2048)&color-background=rgb(255%2C%20255%2C%20255)&color-link=rgb(221%2C%2085%2C%2051)&font-family=%22Open%20Sans%22%2Carial%2Chelvetica%2Csans-serif&useExactGalleryColors=false
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8800:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dbdbf67433a0dd599ee3c91538efb8dfab196fc35d48bb8e417d5f1716a3aaba

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:31 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: "776582121"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css;charset=utf-8
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: YAHWt9a1Bk81cVjRQGbn03o1ESeLghsc81TPyL4x6MJEkyrS5Fj5Fw==

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD1B 430 B
230 B 821ms
821ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=4368077240&adk=3154651062&adf=1958210375&pi=t.ma~as.4368077240&w=1200&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-4&format=1200x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910287&bpp=4&bdt=295&idt=452&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9MQi4re2Gt&p=https%3A//bullshireonline.com&dtd=470

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cebdbaf528d6a8275dcc574edda447791c958d3815253129e72cb731e4074cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=4368077240&adk=3154651062&adf=1958210375&pi=t.ma~as.4368077240&w=1200&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-4&format=1200x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910287&bpp=4&bdt=295&idt=452&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9MQi4re2Gt&p=https%3A//bullshireonline.com&dtd=470
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 15:48:31 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 16:03:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:31 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5989 82 KB
28 KB 524ms
523ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=364&slotname=5223824213&adk=2563230863&adf=1293123218&pi=t.ma~as.5223824213&w=288&lmt=1628264910&rafmt=11&tp=site_kit&psa=0&format=288x364&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910412&bpp=4&bdt=420&idt=468&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=198&ady=1570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ApbaBOrKye&p=https%3A//bullshireonline.com&dtd=472

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

753ab8f327c72a7257570b91b7442145f02c29bd47dff03c2554d6a475b8ec1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7280066409600771&output=html&h=364&slotname=5223824213&adk=2563230863&adf=1293123218&pi=t.ma~as.5223824213&w=288&lmt=1628264910&rafmt=11&tp=site_kit&psa=0&format=288x364&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910412&bpp=4&bdt=420&idt=468&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=198&ady=1570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ApbaBOrKye&p=https%3A//bullshireonline.com&dtd=472
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 15:48:31 GMT
server: cafe
content-length: 28246
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Aug-2021 16:03:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:31 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
20ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E7E 16 KB
7 KB 758ms
757ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=5844810442&adk=1009447710&adf=659210693&pi=t.ma~as.5844810442&w=339&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-5&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910429&bpp=1&bdt=437&idt=481&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364&nras=1&correlator=2524259339848&pv_ch=WordPressPage%2B&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2MCoUrdJW8&p=https%3A//bullshireonline.com&dtd=489

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eda6d2fb1517689bfe5225d70a562cb3ed1353d9feb5fa385b12507980991a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=5844810442&adk=1009447710&adf=659210693&pi=t.ma~as.5844810442&w=339&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-5&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910429&bpp=1&bdt=437&idt=481&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364&nras=1&correlator=2524259339848&pv_ch=WordPressPage%2B&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2MCoUrdJW8&p=https%3A//bullshireonline.com&dtd=489
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 15:48:31 GMT
server: cafe
content-length: 7268
x-xss-protection: 0
set-cookie: IDE=AHWqTUlBMObFDYDYpr8mhUdtIntAJQ8H6upyonbxHYeAwnEirlgeFaauKNbbvQLBwzc; expires=Wed, 31-Aug-2022 15:48:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:31 GMT
cache-control: private

GET
H/1.1 200
OK a-logo-amazon.png
wms-eu.amazon-adsystem.com/panda/20070822/GB/img/ Frame C912 16 KB
16 KB 147ms
39ms Image
image/png 52.95.118.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-eu.amazon-adsystem.com/panda/20070822/GB/img/a-logo-amazon.png
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=qf_sp_asin_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1789014913&asins=1789014913&linkId=6dba419000e3436ea5d78437bd0f9b10&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: fd254fb2d7b0e1042af08e2c4500637e0d9fb6f4defe405286d322a5e24c17a4

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:31 GMT
Last-Modified: Wed, 21 Apr 2021 07:48:40 GMT
Server: Server
ETag: "4041-5c076ca8644b0"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=19
Content-Length: 16449
Expires: Fri, 13 Aug 2021 15:48:31 GMT

GET
H2 200 41GuSuorxhL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame C912 3 KB
3 KB 16ms
16ms Image
image/jpeg 2a02:26f0:6c00:286::108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.media-amazon.com/images/I/41GuSuorxhL._AC_AC_SR98,95_.jpg

Requested by

Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=qf_sp_asin_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1789014913&asins=1789014913&linkId=6dba419000e3436ea5d78437bd0f9b10&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:286::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Server /

Resource Hash

b410885b37fc55461ac2df620fa28148fe4d9b65191c17ca0bd8a709e111fe08

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: https://www.amazon.in, https://www.amazon.com
date: Fri, 06 Aug 2021 15:48:30 GMT
surrogate-key: x-cache-163 /images/I/41GuSuorxhL
last-modified: Tue, 16 Oct 2018 21:16:32 GMT
server: Server
strict-transport-security: max-age=86400
x-cache: Hit from akamai
x-nginx-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=630720000
x-amz-ir-id: 7610e788-aa7c-465c-beb9-7b6d67463986
accept-ranges: bytes
content-type: image/jpeg
content-length: 2785
expires: Thu, 01 Aug 2041 15:48:30 GMT

GET
H/1.1 200
OK prime.png
wms-eu.amazon-adsystem.com/panda/20070822/US/img/ Frame C912 3 KB
4 KB 167ms
38ms Image
image/png 52.95.118.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-eu.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=qf_sp_asin_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1789014913&asins=1789014913&linkId=6dba419000e3436ea5d78437bd0f9b10&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:31 GMT
Last-Modified: Wed, 21 Apr 2021 07:48:39 GMT
Server: Server
ETag: "d1d-5c076ca85815e"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=88
Content-Length: 3357
Expires: Fri, 13 Aug 2021 15:48:31 GMT

GET
H/1.1 200
OK json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame C912 43 B
200 B 164ms
39ms Image
image/gif 52.94.218.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1628264910932&p=%7B%22program%22%3A%222%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22thebulsho-21%22%2C%22refUrl%22%3A%22https%3A%2F%2Fbullshireonline.com%2F%22%7D
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=qf_sp_asin_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1789014913&asins=1789014913&linkId=6dba419000e3436ea5d78437bd0f9b10&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.218.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:30 GMT
x-amzn-RequestId: d476455e-8b1a-47ec-a52b-65916225ac5f
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK a-logo-amazon.png
wms-eu.amazon-adsystem.com/panda/20070822/GB/img/ Frame 2A12 16 KB
16 KB 164ms
39ms Image
image/png 52.95.118.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-eu.amazon-adsystem.com/panda/20070822/GB/img/a-logo-amazon.png
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=tf_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1474606059&asins=1474606059&linkId=f337263b38ac5ffab6a88a9f005107a8&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: fd254fb2d7b0e1042af08e2c4500637e0d9fb6f4defe405286d322a5e24c17a4

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:31 GMT
Last-Modified: Wed, 21 Apr 2021 07:48:40 GMT
Server: Server
ETag: "4041-5c076ca8644b0"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=76
Content-Length: 16449
Expires: Fri, 13 Aug 2021 15:48:31 GMT

GET
H2 200 41sBiCEMgKL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 2A12 1 KB
2 KB 15ms
15ms Image
image/jpeg 2a02:26f0:6c00:286::108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.media-amazon.com/images/I/41sBiCEMgKL._AC_AC_SR98,95_.jpg

Requested by

Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=tf_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1474606059&asins=1474606059&linkId=f337263b38ac5ffab6a88a9f005107a8&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:286::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Server /

Resource Hash

265cf7b936633de235e89a655b950dfb9be96673a25d7f221752d4341903b06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: https://www.amazon.in, https://www.amazon.com
date: Fri, 06 Aug 2021 15:48:30 GMT
surrogate-key: x-cache-071 /images/I/41sBiCEMgKL
last-modified: Wed, 27 May 2020 05:46:05 GMT
server: Server
strict-transport-security: max-age=86400
x-cache: Hit from akamai
x-nginx-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=630720000
x-amz-ir-id: 9eee9530-1158-4ceb-8923-4ff1e6095f83
accept-ranges: bytes
content-type: image/jpeg
content-length: 1513
expires: Thu, 01 Aug 2041 15:48:30 GMT

GET
H/1.1 200
OK prime.png
wms-eu.amazon-adsystem.com/panda/20070822/US/img/ Frame 2A12 3 KB
4 KB 162ms
39ms Image
image/png 52.95.118.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-eu.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=tf_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1474606059&asins=1474606059&linkId=f337263b38ac5ffab6a88a9f005107a8&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:31 GMT
Last-Modified: Wed, 21 Apr 2021 07:48:39 GMT
Server: Server
ETag: "d1d-5c076ca85815e"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=19
Content-Length: 3357
Expires: Fri, 13 Aug 2021 15:48:31 GMT

GET
H/1.1 200
OK json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 2A12 43 B
200 B 152ms
37ms Image
image/gif 52.94.218.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1628264910943&p=%7B%22program%22%3A%222%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22thebulsho-21%22%2C%22refUrl%22%3A%22https%3A%2F%2Fbullshireonline.com%2F%22%7D
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=tf_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1474606059&asins=1474606059&linkId=f337263b38ac5ffab6a88a9f005107a8&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.218.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:30 GMT
x-amzn-RequestId: 4bdda2a3-bec2-46e7-86e1-1dfcd712d7b7
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cart.gif
wms-eu.amazon-adsystem.com/panda/20070822/US/img/ Frame C912 341 B
698 B 159ms
44ms Image
image/gif 52.95.118.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-eu.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=qf_sp_asin_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1789014913&asins=1789014913&linkId=6dba419000e3436ea5d78437bd0f9b10&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:31 GMT
Last-Modified: Wed, 21 Apr 2021 07:48:39 GMT
Server: Server
ETag: "155-5c076ca85a86f"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=18
Content-Length: 341
Expires: Fri, 13 Aug 2021 15:48:31 GMT

GET
H/1.1 200
OK cart.gif
wms-eu.amazon-adsystem.com/panda/20070822/US/img/ Frame 2A12 341 B
698 B 152ms
44ms Image
image/gif 52.95.118.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-eu.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-eu.amazon-adsystem.com
URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=GB&source=ac&ref=tf_til&ad_type=product_link&tracking_id=thebulsho-21&marketplace=amazon&region=GB&placement=1474606059&asins=1474606059&linkId=f337263b38ac5ffab6a88a9f005107a8&show_border=true&link_opens_in_new_window=true&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

Referer: https://ws-eu.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:31 GMT
Last-Modified: Wed, 21 Apr 2021 07:48:39 GMT
Server: Server
ETag: "155-5c076ca85a86f"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=75
Content-Length: 341
Expires: Fri, 13 Aug 2021 15:48:31 GMT

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/ 144 KB
52 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08bd2e81df7790230135e81ef598de03213f5b4933b285e496437bbcbc2e3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52807
x-xss-protection: 0
server: cafe
etag: 1980546622563835483
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 15:48:31 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2439 60 KB
24 KB 683ms
682ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d37e66dbce1d939c2842419a7da4cc88f54ab1364c1052ca46bb10633c9a78cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 15:48:31 GMT
server: cafe
content-length: 24284
x-xss-protection: 0
set-cookie: IDE=AHWqTUnR7hQJEsN8PC8p91C1qBlIVKPZjEnROnS9W5AAGX8zar7FcdPcVWi6YQd9f7g; expires=Wed, 31-Aug-2022 15:48:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:31 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 99EE 83 KB
27 KB 518ms
517ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=200&adk=738672978&adf=3931349002&pi=t.aa~a.1263416195~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x200&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=1&bdt=1128&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280&nras=3&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=uFfZQGisdA&p=https%3A//bullshireonline.com&dtd=82

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0241983d02e9e7f006980ab7a081de5d305e8d8c6ee8cb5d10e616e4878c5f1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNnDib3fnPICFcEW4Aod5EcNAQ&gqi=z1kNYZvODcrX3wO08reQBA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7280066409600771&output=html&h=200&adk=738672978&adf=3931349002&pi=t.aa~a.1263416195~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x200&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=1&bdt=1128&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280&nras=3&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=uFfZQGisdA&p=https%3A//bullshireonline.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNnDib3fnPICFcEW4Aod5EcNAQ&gqi=z1kNYZvODcrX3wO08reQBA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 15:48:31 GMT
server: cafe
content-length: 27136
x-xss-protection: 0
set-cookie: IDE=AHWqTUkNRZBdSeN1OCutV1ERgpLSCKVvihcdSbfuMinLoZRwPn_SxOn6U0mlm7lG92I; expires=Wed, 31-Aug-2022 15:48:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:31 GMT
cache-control: private

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/ Frame CF6A 10 KB
4 KB 9ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 05 Aug 2021 20:49:40 GMT
expires: Thu, 19 Aug 2021 20:49:40 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 68331
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 1 KB
2 KB 9ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1452faeceadd009d89525f25dc2132819bc1d8897b50fa3abea4f9b454047bc2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 610
date: Sun, 01 Aug 2021 05:34:43 GMT
expires: Mon, 01 Aug 2022 05:34:43 GMT
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 468828
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF6A 0
0 54ms
47ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGdMqzlkNYb3FKs-CgQezjbfYC8e28PFj8OfFyLcO6K7pl_YnEAEgrdbXJWCVAqABn-TMswHIAQmpAuBwd6gXUWM-qAMByANIqgTHAU_Q_2G_oRU8bIabvNfzPREK67-PRf7zOYkNIUkO1rlh-4ldpwUWqj4r_m5ZVczB17WrraCpySCSIwDwg5Mw8V9IEnBzyFJ-MA3K15KOjB_KPfkj3XdsD1lO2cBCircKv0J5GKyLOYANuWicAwwG-sTyXZD7CW1fbTJ7vzF2BCy44qVRcAtVfxogxNkji4QEKEpgYHo6fD_VD8j2qveCK3CyvDs3sUXIV1rzPIJepUGCxQFtPsZ3RSQ9a11polRWhTKHLn-NhbnABI64ur_NA5IFBAgEGAGSBQQIBRgEoAYugAfJm7PMAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCOyCTSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNzI4MDA2NjQwOTYwMDc3MQ&sigh=O2mA18ko_r0&template_id=419

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 15:48:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame CF6A 18 KB
7 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:47:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame CF6A 2 KB
1 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:45:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame CF6A 14 KB
6 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:42:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF6A 124 KB
37 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:31 GMT

POST
H/1.1 200
OK rpc Show response
app.ecwid.com/ 12 B
238 B 34ms
33ms XHR
application/json 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=9383088&version=2021-31534-g66f43817ab6
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/
X-GWT-Permutation: 961FDC9B7C96FE2E860A7F1850C96EEC
Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 06 Aug 2021 15:48:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 12
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8

POST
H/1.1 200
OK rpc Show response
app.ecwid.com/ 12 B
238 B 40ms
34ms XHR
application/json 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=9383088&version=2021-31534-g66f43817ab6
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/
X-GWT-Permutation: 961FDC9B7C96FE2E860A7F1850C96EEC
Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 06 Aug 2021 15:48:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 12
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8

OPTIONS
H/1.1 200
OK rpc
app.ecwid.com/ Frame 0
0 165ms
42ms Preflight 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=9383088&version=2021-31534-g66f43817ab6
Protocol: HTTP/1.1
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-gwt-module-base,x-gwt-permutation
Origin: https://bullshireonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 06 Aug 2021 15:48:31 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, HEAD, POST, TRACE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

OPTIONS
H/1.1 200
OK rpc
app.ecwid.com/ Frame 0
0 154ms
31ms Preflight 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=9383088&version=2021-31534-g66f43817ab6
Protocol: HTTP/1.1
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-gwt-module-base,x-gwt-permutation
Origin: https://bullshireonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 06 Aug 2021 15:48:31 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, HEAD, POST, TRACE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5989 2 KB
536 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=364&slotname=5223824213&adk=2563230863&adf=1293123218&pi=t.ma~as.5223824213&w=288&lmt=1628264910&rafmt=11&tp=site_kit&psa=0&format=288x364&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910412&bpp=4&bdt=420&idt=468&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=198&ady=1570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ApbaBOrKye&p=https%3A//bullshireonline.com&dtd=472

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:21:23 GMT
server: ESF
date: Fri, 06 Aug 2021 15:48:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Aug 2021 15:48:31 GMT

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 5989 31 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6310afc6b083799134ea872e83464c204f87e0963ec77d675f732682d6a06c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12643
x-xss-protection: 0
server: cafe
etag: 13082689728437942179
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:46:06 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1207693094051374367/ Frame 5989 15 KB
15 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1207693094051374367/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7cbac0637d7f7e742c8c00ce3a24adfbfb05787c7b4c756b9b6d01cf3df544c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:25:00 GMT
x-content-type-options: nosniff
age: 462212
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15353
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 07:57:09 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 07:25:00 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 5989 18 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:47:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 5989 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:45:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5989 124 KB
37 KB 472ms
470ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 5989 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:42:59 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7028 9 KB
3 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7028 26 KB
10 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 07 Aug 2021 12:37:33 GMT

GET
H3-29 200 styles.min.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 3 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba61b61c970e026906c2b9926079ff32378e8b20595731b4658741ed72f7091c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:43 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:43 GMT

GET
H2 200 gsap_3.1.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7028 56 KB
23 KB 76ms
17ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22938
x-xss-protection: 0
last-modified: Fri, 24 Jan 2020 21:59:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 15:48:31 GMT

GET
H3-29 200 img_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 15 KB
16 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/img_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc1a185eca2d0148fff2127bead645bd412bcf89313e4c3ec70b81a6ca63935

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15857
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 script.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 10 KB
3 KB 9ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/script.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc1d26fa255f9331bfb1a8c4dff20737a03c136890f197a3ccf85a22b33a09b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 266986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3273
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Tue, 03 Aug 2021 13:38:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:38:46 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5889 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkNRZBdSeN1OCutV1ERgpLSCKVvihcdSbfuMinLoZRwPn_SxOn6U0mlm7lG92I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=ISO-8859-1
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 06 Aug 2021 15:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: 1Z86GVNmv2+aNamAL3PdMjvDT+6JnqAXyhjxAxqXk4Kt1A0Sr2p/L/qoxk0g2nUQEwypAohqsNrVJXiKDXfOUg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Fri, 06 Aug 2021 15:48:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CF6A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371e561430efd837e56e2e5e074940701d5334a11059a31af1907ed002e2e61e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1324
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 06 Aug 2021 16:26:27 GMT

GET
H2 200 horizontal-widget.js Show response
d35z3p2poghz10.cloudfront.net/horizontal-category-widget/v1.5/ 17 KB
6 KB 64ms
24ms Script
text/javascript 2600:9000:21f3:6600:19:7012:e500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35z3p2poghz10.cloudfront.net/horizontal-category-widget/v1.5/horizontal-widget.js
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6600:19:7012:e500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cc56fdd20d572eb1d79797f0deb9f039c7ff6fe0900da762874f766b580b2a

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: At4ck2u5ZgRF7h9TWWCcLBvqAE0HXIN6
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 09:29:41 GMT
server: AmazonS3
age: 477
etag: W/"9d4aef1e911770ad3c38c7ac1c1fc841"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control: max-age=600
date: Fri, 06 Aug 2021 15:40:46 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vmiAe-E_c9C3LP_zpAjkXwp7CZNh48eWeGgWzYo7zcS6cFbjTPkLhw==

GET
H2 200 sw.js Show response
analytics.sitewit.com/partner/ecwid/9383088/ 19 KB
20 KB 97ms
97ms Script
text/javascript 2600:1f18:243f:2d00:a874:dd37:27b9:63ad
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/partner/ecwid/9383088/sw.js
Requested by: Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/ecwid.plugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:a874:dd37:27b9:63ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 32b996f4376a4a0b0f03fb52aa66bba41b68e2b8cdef0e618f3346de3c8cfef6

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 19422
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 9383088.widgets.js Show response
static.zotabox.com/ecwid/ 76 KB
20 KB 328ms
328ms Script
application/javascript 2606:4700:10::6816:37d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zotabox.com/ecwid/9383088.widgets.js
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 918d8d777261a9db1ae8fb6a57a8f7aa394b68f20d437aa7b21677240509a994

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 23 Jul 2021 11:02:08 GMT
server: cloudflare
etag: W/"60faa1b0-131b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, max-age=3600
z-server: mariadb
cf-ray: 67a968f5df904d8a-FRA
expires: Fri, 06 Aug 2021 16:48:32 GMT

GET
H2 200 checkout.min.js Show response
www.paypalobjects.com/api/ 861 KB
188 KB 156ms
24ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.min.js

Requested by

Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f2bb6a699d5f7e9acc76f7c388244e7d60b3bc4fd01a349dc576276a3a7c98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: HIT, HIT
paypal-debug-id: 29bb5c616727b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 191464
x-served-by: cache-sjc10080-SJC, cache-fra19165-FRA
last-modified: Tue, 04 May 2021 17:45:08 GMT
x-timer: S1628264912.441586,VS0,VE0
etag: W/"60918824-d72fc"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 5, 8

GET
H2 200 ecwid-checkout.4caa4f9311fe72c6c754128dbccc0d0f.min.js Show response
d2scn539ulxr09.cloudfront.net/venera/static/ 564 KB
136 KB 33ms
25ms Script
application/javascript 13.225.84.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2scn539ulxr09.cloudfront.net/venera/static/ecwid-checkout.4caa4f9311fe72c6c754128dbccc0d0f.min.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?9383088&data_platform=wporg&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.84.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-84-72.fra2.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

d551094e8b650c487f2d8648ce6721532e3315a92a9ade2dd4d397ec8adb0bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 04:54:55 GMT
content-encoding: gzip
server: nginx/1.19.0
age: 212017
etag: 4caa4f9311fe72c6c754128dbccc0d0f
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: OViqTZ8Pdc-3HgfxwHR1ORvzKq5CVnwf6d9xsx3dCZ8y5XyQvhDdJw==
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)

OPTIONS
H/1.1 200
OK rpc
app.ecwid.com/ Frame 0
0 36ms
32ms Preflight 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=9383088&version=2021-31534-g66f43817ab6
Protocol: HTTP/1.1
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-gwt-module-base,x-gwt-permutation
Origin: https://bullshireonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 06 Aug 2021 15:48:32 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, HEAD, POST, TRACE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

POST
H2 200 register
ecomm.events/ 0
94 B 127ms
126ms Ping
text/plain 18.211.81.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/register

Requested by

Host: ecomm.events
URL: https://ecomm.events/i.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.211.81.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-81-84.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
server: nginx/1.19.0
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H/1.1 200
OK rpc Show response
app.ecwid.com/ 12 KB
4 KB 49ms
48ms XHR
application/json 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=9383088&version=2021-31534-g66f43817ab6
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6061ef06912cb06ded3a844d6335ea9bf89112d0424437bb5f6b29c50308b56c

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/
X-GWT-Permutation: 961FDC9B7C96FE2E860A7F1850C96EEC
Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Date: Fri, 06 Aug 2021 15:48:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 3450

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5989 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 336128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H2 200 photoswipe.min.js Show response
d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/photoswipe/ 40 KB
14 KB 26ms
25ms Script
application/javascript 13.225.84.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2scn539ulxr09.cloudfront.net/static/br/2021-31534-g66f43817ab6/photoswipe/photoswipe.min.js
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-72.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4e496e3e1e9869eeac6631ae7989cac969bc3ef9522578587ebaa840d218e16

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 14:52:14 GMT
content-encoding: br
age: 89779
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 13662
last-modified: Thu, 05 Aug 2021 14:36:21 GMT
server: AmazonS3
etag: "c4a6ddd9d4d6d08efbaca2037ed898ee"
x-amz-version-id: .6dMl6CxikENvSxC4ukPlaqdj6Rzj8B4
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: i4NdRZSJ9OSaDF6AXywjV3wRWPefIpw6Y-3XbjjWavEFhQmq5u8j7w==

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 28F2 0
0 30ms
29ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqYY3zlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS4AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLuXrtvUJMCqpLpvGEnW9GEJgTSABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi03MjgwMDY2NDA5NjAwNzcx&sigh=teV_aULWXzc

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=5844810442&adk=1009447710&adf=659210693&pi=t.ma~as.5844810442&w=339&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-5&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910429&bpp=1&bdt=437&idt=481&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364&nras=1&correlator=2524259339848&pv_ch=WordPressPage%2B&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2MCoUrdJW8&p=https%3A//bullshireonline.com&dtd=489
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 15:48:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:32 GMT

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 28F2 0
0 36ms
12ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gtcyz24px3d2yeaj4w9yhkzynr1t9s00mzfm50vaadcq0es3crj3x41ssad0mrk0g2qtq361mh22k65e47p1z1fa7n5vc5jx68c9x9hqkfa225r0fr53dkb3jy3fth8j1z8wd2cxz76pdw8ewp25jbwv1sgr1pznqfrbsn77mhv1qtb2xz167dsmezbmtyspab7vybagfxz3m55hr9qyxa57zht039xcdsbstpx34gcrfa3fk643g1gyxjbzwr36s8axbnq6cvz86ksms5a9v18mstx5qq3c9nqmfe9z2htm3sahn0k21phprpmvvnh09vbj6tc4wfztfsxrghmp6fg6qvd8whx2d77b2fa0fv0d32qskmd63e11c0pej3w0f8w4yx1&b=YQ1ZzgAOUXAK3ofEAAoQdmVVLyNBv7wuJnkmJQ
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 Aug 2021 15:48:32 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 1081 2 KB
2 KB 52ms
24ms Document
text/html 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=5844810442&adk=1009447710&adf=659210693&pi=t.ma~as.5844810442&w=339&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-5&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910429&bpp=1&bdt=437&idt=481&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364&nras=1&correlator=2524259339848&pv_ch=WordPressPage%2B&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2MCoUrdJW8&p=https%3A//bullshireonline.com&dtd=489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c213ccac3e5b25566a4f1b6785892ef803f9e56a6d7388d31755ef266873a2d0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67a968f7b9d60742-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 28F2 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:45:33 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D732 1 KB
864 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 06 Aug 2021 03:09:05 GMT
expires: Sat, 07 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 45567
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28F2 124 KB
37 KB 627ms
626ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 28F2 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:42:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 28F2 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSRpR_vaKMaOsgbn9XUdJWcM03X_L5eeOUhZ5sXmtWiEICWy0F-MJkCERyKLkQIhpzrHe8jVPnKpEauW25nH0DNz9ONQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&slotname=5844810442&adk=1009447710&adf=659210693&pi=t.ma~as.5844810442&w=339&fwrn=4&fwrnh=100&lmt=1628264910&rafmt=1&to=pso&tp=site_kit&psa=0&channel=WordPressPage%2Bpso-lv-5&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910429&bpp=1&bdt=437&idt=481&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364&nras=1&correlator=2524259339848&pv_ch=WordPressPage%2B&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2MCoUrdJW8&p=https%3A//bullshireonline.com&dtd=489
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5989 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0T57zlkNYYKEN5rR7gPeppr4D4OOhI5i2eqw8sMK_MG1q64BEAEgrdbXJWCVAqAB1uzL4APIAQapAnVB4KpNzbM-qAMByAPLBKoExAFP0MTLI9mEsrEpmYEQiAO3X21kD6RTvsbrDhI6ghoMWZwZ0JeAb8x3mx5N1xs5egrstY4Mncvei41BxUk13a5eVtljpny0Hs8AggMd_xCdg84oL2YGEhOD4KkoyQMUuDo1hpyqqifpu5JoXuvKRqaUNC4jVtVbvrOwlGHujv_ewIAcl9B3UhBsjnPqMGJqgq8nnZW0N1PHFGP3lwxLgKvfcHcZ0krlwwR6AalkYN5p-dOu4SEGU107YAZlcXdzH4tjcq3VwATl2qCfqAKSBQQIBBgBkgUECAUYBKAGN4AHkpO0H6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxDQYdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUBdAVAYAXAbIXGgoYCAASFHB1Yi03MjgwMDY2NDA5NjAwNzcx&sigh=WxOyLQYn4z8&template_id=492

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=364&slotname=5223824213&adk=2563230863&adf=1293123218&pi=t.ma~as.5223824213&w=288&lmt=1628264910&rafmt=11&tp=site_kit&psa=0&format=288x364&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910412&bpp=4&bdt=420&idt=468&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=198&ady=1570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ApbaBOrKye&p=https%3A//bullshireonline.com&dtd=472
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 15:48:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:32 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: trr03YDOofBZcW1JL1pV0MQ/nHHQ1MQ5U+SQuV0tnbO9WxJqn6ol9elA2QAZwiLTb9PEgQC0IdObEn8jm9g2ww==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Fri, 06 Aug 2021 15:48:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 193492738170200 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/193492738170200?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f32aef3eb27514abb180c6c1a61a845ac84994c8f413730e065f75a4efbd784e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73366
x-xss-protection: 0
pragma: public
x-fb-debug: qbqxkwEPua4S1J/Sd7VmaxJkBozHV8IpNw8zg2iMFmq1C1wamUfmQs4ApEyF4TDkkK5rZQFct+eav9EJ9s+hQw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Fri, 06 Aug 2021 15:48:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 darkener.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/darkener.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbb3ff68378443863920ac544cbaa4386f5d75323da7206114a6e418b697393c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1589
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Tue, 03 Aug 2021 13:38:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:38:46 GMT

GET
H3-29 200 copy_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/copy_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c85b9044de8cd795fc3f5ea5117d246adfb874ee103c2e82358ecaac2e42f1ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2892
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 copy_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 4 KB
4 KB 13ms
11ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/copy_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83b4ac2d6e71d67312e4a04ccbd0236314ad7d5e104ac2e8c454877c60725bf4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3772
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 copy_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 7 KB
8 KB 33ms
31ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/copy_3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921995dbdcaaa1cedca0f4b3bda3718a66f6c09f69922d935a58eed193cc39f6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 copy_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 10 KB
10 KB 34ms
32ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/copy_4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7ac2575b51f3aded828b604cf7aa1b34b19d9a578a8bdf5966a5f975a479a7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10229
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 cta_text.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 3 KB
3 KB 30ms
28ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/cta_text.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9e86e00d8403f08d13cbdba8d8a993a3183316118314614ebe35486ad2fbb9b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3088
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 cta_arrow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 234 B
261 B 29ms
28ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/cta_arrow.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

945f3d9ee1fa85c1d65efc0638f16ae187b70ddf5159fa66347f64e45971e313

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 intel_logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 6 KB
6 KB 28ms
26ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/intel_logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643ed328f10ef05ed3e79f760678155cecd00dda60845b72a76f014845d9ceab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H3-29 200 laptop.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/ Frame 7028 51 KB
51 KB 28ms
27ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/laptop.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4af9cbf413eec1d541070c3d619cfc084485f4f7cb5533b300c5b33476f47f4a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/472553073535782366/i42710-Getac-K120-manufacturing-728x90/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 468828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51875
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 12:08:19 GMT
server: sffe
date: Sun, 01 Aug 2021 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 05:34:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bullshireonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9404 110 KB
35 KB 644ms
643ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=100&adk=2205331714&adf=1704077290&pi=t.aa~a.1263417226~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264912&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x100&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911130&bpp=1&bdt=1138&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280%2C339x200%2C1005x124&nras=5&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=4770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H-YCWT5xQgCCxjxm0XMpBUZfuEuZZfTUa1IAD-UBNKIi7-D_w3-P3IJqfMfb_-sL-q-q_OkvrdPDp8pmxPsy8UgrGm4RuaZ4OxjF98&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=gxKKaWdx8q&p=https%3A//bullshireonline.com&dtd=1697

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c05b3fe98d959c819dee3853fc3203cc402a38b030c699d743bb6a3eaf62e7d6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7t673fnPICFY0H4AoduNADTg&gqi=0FkNYaSEM6OprAT00ZzgBA&layout=/sadbundle/%24csp%253Der3%24/7458881209570198795/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7280066409600771&output=html&h=100&adk=2205331714&adf=1704077290&pi=t.aa~a.1263417226~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264912&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x100&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911130&bpp=1&bdt=1138&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280%2C339x200%2C1005x124&nras=5&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=4770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H-YCWT5xQgCCxjxm0XMpBUZfuEuZZfTUa1IAD-UBNKIi7-D_w3-P3IJqfMfb_-sL-q-q_OkvrdPDp8pmxPsy8UgrGm4RuaZ4OxjF98&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=gxKKaWdx8q&p=https%3A//bullshireonline.com&dtd=1697
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7t673fnPICFY0H4AoduNADTg&gqi=0FkNYaSEM6OprAT00ZzgBA&layout=/sadbundle/%24csp%253Der3%24/7458881209570198795/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Aug 2021 15:48:33 GMT
server: cafe
content-length: 36045
x-xss-protection: 0
set-cookie: IDE=AHWqTUlycppTYdfo_VaXvO_fBYbkdRA4lXm6fU-YjdNbDtpv6WDf6U2cW2416BfTdtc; expires=Wed, 31-Aug-2022 15:48:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:33 GMT
cache-control: private

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6516 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=364&slotname=5223824213&adk=2563230863&adf=1293123218&pi=t.ma~as.5223824213&w=288&lmt=1628264910&rafmt=11&tp=site_kit&psa=0&format=288x364&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910412&bpp=4&bdt=420&idt=468&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=198&ady=1570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ApbaBOrKye&p=https%3A//bullshireonline.com&dtd=472
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=364&slotname=5223824213&adk=2563230863&adf=1293123218&pi=t.ma~as.5223824213&w=288&lmt=1628264910&rafmt=11&tp=site_kit&psa=0&format=288x364&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264910412&bpp=4&bdt=420&idt=468&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=198&ady=1570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ApbaBOrKye&p=https%3A//bullshireonline.com&dtd=472

Response headers

content-type: text/html; charset=ISO-8859-1
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 06 Aug 2021 15:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 99EE 84 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=200&adk=738672978&adf=3931349002&pi=t.aa~a.1263416195~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x200&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=1&bdt=1128&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280&nras=3&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=uFfZQGisdA&p=https%3A//bullshireonline.com&dtd=82

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 07 Aug 2021 01:32:49 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-77736897-1&cid=2095971055.1628264911&jid=1869378151&gjid=297565887&_gid=1362430201.1628264911&_u=SCCAgEIJCAAAAE~&z=1758612267

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 Aug 2021 15:48:32 GMT
content-type: text/plain
access-control-allow-origin: https://bullshireonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 5ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=699367433&t=pageview&cu=GBP&_s=1&dl=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Store%20%E2%80%93%20Bullshire%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCAgEIJC~&jid=1869378151&gjid=297565887&cid=2095971055.1628264911&tid=UA-77736897-1&_gid=1362430201.1628264911&z=2101808304

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 10:59:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17322
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 994059757941702199
tpc.googlesyndication.com/simgad/ Frame 2439 63 KB
63 KB 11ms
10ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/994059757941702199

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0adcb3390d9008206a07f7907b9cfab2de30f44da8119a754a8fdab1e90b133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:50:20 GMT
x-content-type-options: nosniff
age: 197892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64704
x-xss-protection: 0
last-modified: Tue, 20 Oct 2020 07:58:35 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Aug 2022 08:50:20 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 2439 18 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:47:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 2439 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:45:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2439 124 KB
37 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 2439 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:42:59 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 2439 26 KB
11 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 13:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 13:57:58 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2439 0
0 47ms
44ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXFgHz1kNYbjkDNORgQeHjYL4D-PE6fBf4-bN_7wM6uXz574cEAEgrdbXJWCVAqABw5Lq2APIAQOpAveS9xSAzrM-qAMByAPJBKoExQFP0FtY8Uaeg3jeiW11Vrx0Df0fEb5jtOm7hpQwJhr2NgMc_ud3gmZL5wbi059Rf1m1poWuXGfqRDEFEXu2pgYBMrwmYnAHwwp47DNUSrIgvmbaPJQgcXginUH4rOlJxhdF0_y6h_SKRICHihHeDb9dTUrT-1KupJdQAe6s2Gjij9fPMM6d_fUtnqmkf5zoV6WQOe-I4obgMkMXJKCEFTRIOolnBhLSylN11JCv5YLLVPTtP3bdpVcrzHx3ycXElLxTyL35gsAE1f_Kqp0DkgUECAQYAZIFBAgFGASgBgOAB6XtlSeoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQlfUN0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTcyODAwNjY0MDk2MDA3NzE&sigh=q_iyNeWW_pM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 15:48:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:32 GMT

GET
H/1.1 200
OK categories.js Show response
app.ecwid.com/ 3 KB
959 B 37ms
33ms Script
application/javascript 18.198.144.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/categories.js?ownerid=9383088&callback=ecwidCategoryWidget.getData.f0037911426198331544
Requested by: Host: d35z3p2poghz10.cloudfront.net
URL: https://d35z3p2poghz10.cloudfront.net/horizontal-category-widget/v1.5/horizontal-widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.144.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-144-239.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d6c35be900e0b2b5583a1b2f09bee9c3cac86f43ff2ffa95a32c50499937b02c

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:48:32 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8

GET
H2 200 sw_connect.js Show response
connect.sitewit.com/js/9383088/ 32 B
651 B 605ms
103ms Script
text/javascript 54.86.20.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.sitewit.com/js/9383088/sw_connect.js?ispartner=ecwid&ns=sw
Requested by: Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/partner/ecwid/9383088/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.20.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-20-131.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 32
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 cq_blank.gif
analytics.sitewit.com/images/ 35 B
623 B 98ms
97ms Image
image/gif 2600:1f18:243f:2d00:a874:dd37:27b9:63ad
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.sitewit.com/images/cq_blank.gif?_sw_ecwidid=9383088&_sw_uid=75e88866-2280-4ac9-bc00-99ca7e1899a1&_sw_fp=2ee7a8a7d658af471bcb8921229f04f12c1d8c9d&_sw_pl=0&_sw_pc=0&_sw_dat=MXxidWxsc2hpcmVvbmxpbmUuY29tfGh0dHBzOi8vYnVsbHNoaXJlb25saW5lLmNvbS9zdG9yZS98ZW4tVVN8MTYwMHwxMjAwfDI0fENocm9tZS84OS4wLjQzODkuNzJ8eDY0fDF8MHwxfDB8LXx8LXwtfC18MmEwMTo0Zjg6MTkyOjU0MTQ6OjJ8MA==&to=923
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:a874:dd37:27b9:63ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:32 GMT
last-modified: Thu, 24 Jun 2010 20:21:15 GMT
server: Microsoft-IIS/10.0
etag: "9f8deacbda13cb1:0"
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 35

GET
DATA 200
OK truncated
/ Frame 5989 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0756db52f8ac711fc1fb8afa390d177ce8da0f820b2a6b6bec4b4e9d7c8443ac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 334ms
39ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=bullshireonline.com&source=checkoutjs&t=xo&v=4.0.330

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Dih0KjLJeMW7AMYj/Oh2PqdikLHp8O71/gvya70bzT4Er4te' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 246
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Dih0KjLJeMW7AMYj/Oh2PqdikLHp8O71/gvya70bzT4Er4te' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
paypal-debug-id: 00137bf605d14
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4321
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Fri, 06 Aug 2021 15:48:33 GMT
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF6A 42 B
64 B 238ms
30ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLG7jiZ4Lejbz2-uoYcbB8i7R8aTRyRQKZuW1WsHHeBnF2MArHpNwcnndFPmjAZ53QjVfLCEro7ePKerwSl7MIGRXXM_Ebxcw9J8pI9wq5nJF5kFp5xWA5aCFznA&sai=AMfl-YRHoA-R6rPrJKLX4joMe72RiXZfEHdkCym4H5t7n02isKzyeevxfF4Z7R_YKEZ1DCJd0iGzR6c31DH1&sig=Cg0ArKJSzDaH_wpB926BEAE&id=lidar2&mcvt=1307&p=1077,299,1202,1304&mtos=0,661,1307,1307,1307&tos=0,661,646,0,0&v=20210804&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=2&adk=3125035741&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 99EE 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:47:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 99EE 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:45:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99EE 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 99EE 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:42:59 GMT

GET
H2 200 15777777540812456613_15784410238945324846.jpeg
static.doubleclick.net/dynamic/5/255675470/ Frame 99EE 93 KB
94 KB 34ms
8ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/255675470/15777777540812456613_15784410238945324846.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056b47931e4f35afa2b8fbd590131ba86a68df09ac0992b8367b1d8e62675c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 10:42:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 13:26:47 GMT
server: sffe
age: 277549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95543
x-xss-protection: 0
expires: Wed, 03 Aug 2022 10:42:44 GMT

GET
H2 200 4566184293953053335_928853266860425669.jpeg
static.doubleclick.net/dynamic/5/255675470/ Frame 99EE 118 KB
118 KB 47ms
21ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/255675470/4566184293953053335_928853266860425669.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fabfd965e4afbe14ae9a6071a5300a0b9761a081e0877c41ad375af5306a1943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 22:01:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 13:24:33 GMT
server: sffe
age: 150411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121164
x-xss-protection: 0
expires: Thu, 04 Aug 2022 22:01:42 GMT

GET
H2 200 11962657872095113262_5973065526424997388.jpeg
static.doubleclick.net/dynamic/5/255675470/ Frame 99EE 111 KB
112 KB 41ms
16ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/255675470/11962657872095113262_5973065526424997388.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58fe68d900121ac03680a7b7df8b303d7095576a045b30622282527457680508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 20:43:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 13:24:24 GMT
server: sffe
age: 500693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114016
x-xss-protection: 0
expires: Sun, 31 Jul 2022 20:43:40 GMT

GET
H3-29 200 8341226500854338885
tpc.googlesyndication.com/simgad/ Frame 99EE 14 KB
14 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8341226500854338885

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8920176024bcd1125f115e463b13d79862d26782882e858546330ce51627e3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:23:19 GMT
x-content-type-options: nosniff
age: 271514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14221
x-xss-protection: 0
last-modified: Mon, 28 Dec 2020 14:18:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:23:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=193492738170200&ev=PageView&dl=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&rl=&if=false&ts=1628264913391&sw=1600&sh=1200&v=2.9.44&r=stable&a=plecwid&ec=0&o=30&fbp=fb.1.1628264913389.2126439680&it=1628264912620&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 06 Aug 2021 15:48:33 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5889
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

49ms
46ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnoXgBla6MrndrYvPruzp-usXMnQ416Xg526R7FvsdtNB2onbMIPSkXtx72VFw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:33 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 16:48:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:33 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F81D 143 B
163 B 9ms
9ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnoXgBla6MrndrYvPruzp-usXMnQ416Xg526R7FvsdtNB2onbMIPSkXtx72VFw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67

Response headers

content-type: text/html; charset=ISO-8859-1
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 06 Aug 2021 15:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 10E8 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 06 Aug 2021 11:56:19 GMT
expires: Sat, 07 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13934
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 1081 58 KB
59 KB 52ms
29ms Stylesheet
text/css 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Fri, 06 Aug 2021 15:48:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3388575
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqrgbF50WqQKWrxiBBE99%2BFbgGkxsjQhq4TphdQMvm2mYKq1KtrG8J%2BuuIjdJKKPqvWsOXJVYQDbgd4QKkWFgy%2BixcF57MEnz5p7Jv3vKwdeTZ7Q56JVp%2Fcl5tfyt88son7TSZc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67a968fd2cb8c2b8-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 1081 36 KB
13 KB 82ms
59ms Script
application/javascript 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Fri, 06 Aug 2021 15:48:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13131
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1mU%2FEeNcebBsfyP72NTRaGcOPbfJioQWDzdHZtXlIGgq%2B1JZV2RI%2BzOf51N032jEu%2BlzEM79fjczE%2BTp%2B1Sx5kqr6hXE0EcKAKV%2Bfh3W7hsogXxJPZ5RmXZc6AHl%2BGp7mjaMFA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 67a968fd2cbac2b8-FRA
expires: Fri, 06 Aug 2021 12:09:42 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 99EE 0
0 58ms
52ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn96hz1kNYZmgDsGtgAfkj7UIpLGC5GP_hZqmxw2CgrrjryAQASCt1tclYJUCoAH-1sXWA8gBCakC95L3FIDOsz6oAwHIA8sEqgTKAU_QkIUrbOMW-OwVuFO3PRaqLrvQHJwYFs6hAvNXJ7VbonyDylS0Tu0fIYY-1fS8FJBEfYRNAsOzUGpqGOqYiV1Pch5c-DIoIxbXdA7WZAfH7R4myzXIBONDbYAhQCnegSbO_MvlLpqQ8Dbk8R1wXJLJ_hGhqM6OkuaxeJaYF1NGAsVlfUTBp0GqfFKgLx6B2Uzw5w7STL2eWqLevLmsjem9_kdudR6xFR5D9W3VWr-FLs42leFy9l1No6gXBNLGTOOYeeJtm3jBStTABMPO046xA5IFBAgEGAGSBQQIBRgEoAYugAfJ09YdqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDbjgnSCAkIgOGAEBABGB-ACgHICwHYEw2IFALQFQGAFwGyFxoKGAgAEhRwdWItNzI4MDA2NjQwOTYwMDc3MQ&sigh=Dwux0KQuRYw&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=200&adk=738672978&adf=3931349002&pi=t.aa~a.1263416195~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x200&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=1&bdt=1128&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280&nras=3&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=uFfZQGisdA&p=https%3A//bullshireonline.com&dtd=82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 15:48:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2439 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc286b2f9166052b79b2e613d59ae8c917770a2616da250ee98b5ecedd0cc656

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bundle.js Show response
static.zbcdn.net/__cfwsvgt/asset/ 267 KB
84 KB 58ms
26ms Script
application/javascript 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zbcdn.net/__cfwsvgt/asset/bundle.js

Requested by

Host: static.zotabox.com
URL: https://static.zotabox.com/ecwid/9383088.widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53da42715cfb9c1dd807741c87cb0ca0f27692a36da9aad9fd01927cc6971374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4171
access-control-allow-methods: GET
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 23 Jul 2021 10:41:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fa9cd9-42bdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMc6Sle3Hnr%2BaQNSLb1z4An5ilQ03zv3AY4eVjDF2u2%2F5rSeBBtKLXvlqYLhHI0WVOxf1LAGHRNDrG3Pt7Anfnk47jcqGBdwRWPgye%2FAaiDivH0VWZRG474PnxiuSEzbgammrokf8Qnc2TI8bi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
z-server: mariadb
cf-ray: 67a968fdbdcf4a92-FRA

GET
H2 200 data.js Show response
static.zbcdn.net/d/d/dd3afa5c3ee23a149581140fbb49c9ab/ 280 KB
42 KB 53ms
23ms Script
application/javascript 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zbcdn.net/d/d/dd3afa5c3ee23a149581140fbb49c9ab/data.js?1627038128252

Requested by

Host: static.zotabox.com
URL: https://static.zotabox.com/ecwid/9383088.widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd644b939aac714e8fe85ab3bef02224534c5c3889bfd6f2ce8ebe8e5038eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
access-control-allow-methods: GET
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 23 Jul 2021 11:02:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60faa1b3-460a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttw7C0fQ381qUaYvpt1JqepVD93JduNXuvFaBhAiJDf9oBdYbBRNsRR2HmPSsUTpV3pm8de%2Bhn%2F4rl%2BbO%2F49R530ZsCpkPO5Lgy2BrT4fNM6wTrW5RqyNwnaKsa4VnK4x0%2F2sBoYZIsyWk2gPWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
z-server: mariadb
cf-ray: 67a968fdbdd34a92-FRA

GET
H2 200 temp2.js Show response
static.zbcdn.net/__cfwsvgt/social_tab/ 233 KB
28 KB 50ms
20ms Script
application/javascript 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zbcdn.net/__cfwsvgt/social_tab/temp2.js

Requested by

Host: static.zotabox.com
URL: https://static.zotabox.com/ecwid/9383088.widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71dd241463aa91042d13b2c6aaa01b6b8729272e10c499f5440630adfe58b628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58
access-control-allow-methods: GET
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 23 Jul 2021 02:12:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fa257a-3a5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMnYXPTVQ%2FsopoL%2BOCOM1SHL%2BK9rw0afh0oBjRI33fOhZP46%2BPEyzBxDYse7omIY0fOOEGFCjGzWnw0kp%2BVJ55a%2BBqB%2B59Dju7r3cRjFNsiT%2B3hJtzNsMaRu%2F1BBBWbYlJQSJ%2FYWVJQ1SrxLdWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
z-server: Setting
cf-ray: 67a968fdbdd54a92-FRA

GET
DATA 200
OK truncated
/ Frame 28F2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41270be5987fb3700f7b67124f1b682d5f9b26f86979ccaad396c45c57c20a0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame D732 35 B
464 B 573ms
15ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK2Y8OUdcF5k7QpPI4gcIGU&google_cver=1&google_push=AYg5qPLVMXIy0qwIrfPQMiiOVOQ3Iz2BWd_QEnYFrjZ-8R_J5uUGh_76GTApc5rz5mUBInaqHrJ4DkII1InvNtT_-cnhjhX4dg0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D732
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKsbXpOulFQL8Rfd5KMBYXTOEMb7kJr0E7QwPrPpb-FXadPdD4cnffwYURyNuReZRm9eB5kZwbs90NbQ8MrhkzAqAGsn7k&google_gid=CAESEF_hdX4klLbE53iGO9w4skk&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNKztYgGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLc2JYcE91bEZRTDhSZmQ1S01CWVhUT0VNYjdrSnIwRTdRd1ByUHBiLUZYYWRQZEQ0Y25mZndZVVJ5TnVSZVpSbTllQjVrWndiczkwTmJROE...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQUlBWjJ2eEdvMzNLRld0dnZPWC1TSFJmRGFLdG5SVWtxSVY4bVNWUGRjUQ==&google_push

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQUlBWjJ2eEdvMzNLRld0dnZPWC1TSFJmRGFLdG5SVWtxSVY4bVNWUGRjUQ==&google_push

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 06 Aug 2021 15:48:34 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQUlBWjJ2eEdvMzNLRld0dnZPWC1TSFJmRGFLdG5SVWtxSVY4bVNWUGRjUQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D732
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJc55BgPGLjwtDCHAM3oFps&google_cver=1&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k
https://rtb.openx.net/sync/dds?google_gid=CAESEJc55BgPGLjwtDCHAM3oFps&google_cver=1&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k&google_hm=_R9j17Jlwu4rmCNasRWRrg==

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k&google_hm=_R9j17Jlwu4rmCNasRWRrg==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjMIp2_q2xCjoVZN999rZQ8k22BYiMg4zcB-xN4DcykDPMQrmgvAWsYYFYyV7qFE99am8P8mNmfhQafcYa1biiXuQiH7k&google_hm=_R9j17Jlwu4rmCNasRWRrg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: odle1n357a1al082mbaudk2sckhk1dhl

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D732
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWaIaoGEWHa3jzHeHq8O4MpFkmd_mVIFO8Rvm9V_44QrG_8P8yrSlPDrl57g-1MUnmIN_ZUys_m9BNiEUua8KOS0tFuIE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWaIaoGEWHa3jzHeHq8O4MpFkmd_mVIFO8Rvm9V_44QrG_8P8yrSlPDrl57g-1MUnmIN_ZUys_m9BNiEUua8KOS0tFuIE
date: Fri, 06 Aug 2021 15:48:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D732
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIvW5v59pHN9ZJjtp0tn478&google_cver=1&google_push=AYg5qPIHVzS5yEbzu-VQrHWAFmXbBQyzScJZleMT1QJsG3Cd-qW2nzwMvSgGzXgJVlySS2OGI5f...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwQUotMVgtNkk0Sw==&google_push=AYg5qPIHVzS5yEbzu-VQrHWAFmXbBQyzScJZleMT1QJsG3Cd-qW2nzwMvSgGzXgJVlySS2OGI5fVBP2yqvB54SIcOmvUiRxKI7Y

170 B
188 B

52ms
46ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwQUotMVgtNkk0Sw==&google_push=AYg5qPIHVzS5yEbzu-VQrHWAFmXbBQyzScJZleMT1QJsG3Cd-qW2nzwMvSgGzXgJVlySS2OGI5fVBP2yqvB54SIcOmvUiRxKI7Y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwQUotMVgtNkk0Sw==&google_push=AYg5qPIHVzS5yEbzu-VQrHWAFmXbBQyzScJZleMT1QJsG3Cd-qW2nzwMvSgGzXgJVlySS2OGI5fVBP2yqvB54SIcOmvUiRxKI7Y
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D732
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjT...

170 B
243 B

34ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YQ1Z0TN8gAL5XgV0ZaVp3QAABK8AAAAB&google_cver=1&google_push=AYg5qPIXGnqQXpnRLVOJAuBDYbVCJ2naoxFtWCz_pebXMmpo3C5oRfGBzKfaOEk5JUwvEkC_EAjToCao6_Cmvpi41KlSLkS7zGU&google_gid=CAESECWKZhadShXB2RMhim5v6e8&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 487
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D732
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMY7WQqYbvUcEq5oEeiT6jU&google_cver=1&google_push=AYg5qPJ3oJXhTPfrAKpkhs2L...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3oJXhTPfrAKpkhs2Llo0q-hVyQbEG4jVvqJVvQ47ogKQkt1mz4qPUuedUqJdrB5r0RO4G84-J9_i-vF1mwma1DlZy608&google_hm=

170 B
188 B

85ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3oJXhTPfrAKpkhs2Llo0q-hVyQbEG4jVvqJVvQ47ogKQkt1mz4qPUuedUqJdrB5r0RO4G84-J9_i-vF1mwma1DlZy608&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ3oJXhTPfrAKpkhs2Llo0q-hVyQbEG4jVvqJVvQ47ogKQkt1mz4qPUuedUqJdrB5r0RO4G84-J9_i-vF1mwma1DlZy608&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 05 Aug 2021 15:48:34 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D732 0
244 B 106ms
34ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KyJC2gntiqV_iROXHhaWat7FjzIhKKZVgzpfOlYsaILBNrOcVuPpDG04QEMbDRjVIBx7QLkw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 1707271850.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 63 KB
63 KB 58ms
52ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/1707271850.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5afaf3367c835ba8710454805a1234a6686ffedd1f01aa97cc68f0d7272f69e6

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 14 Oct 2020 11:16:32 GMT
server: AmazonS3
age: 1998386
etag: "084a896c65517990d2e655ffe22b427b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 64436
x-amz-cf-id: XoybkwX_yIfFh4jX_Kg7WM8o5pzrPv5tfPbn6HaiVrqCZirM3vr4YQ==

GET
H2 200 407473070.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 170 KB
171 KB 42ms
36ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/407473070.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37a5c4a4d8fabe2dae48fab75d416320dbcf363dcfa188638d0ca05ca9042d71

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 17:14:36 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2016 15:47:53 GMT
server: AmazonS3
age: 1118038
etag: "c3c87f8cc4fa838b312444fb5baf14b3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 174059
x-amz-cf-id: OysYJlnFuLqJAzhQ1birGALCXhM0qrUw8DV4VGwOM7g4e80ORXDT7w==

GET
H2 200 407485145.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 113 KB
113 KB 65ms
60ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/407485145.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4810a9a8efe61a290874f118d4d1ebcb6c852a30e263da453c1a3154f89d3f73

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2016 15:52:58 GMT
server: AmazonS3
age: 173707
etag: "43a8bb3f240fc13648aa9bc29295c367"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 115585
x-amz-cf-id: ttwulQTnbchi3FhwG2FQzfoOIAKVMKYZdgWMHLsCjYW__nE0UofvsQ==

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1081 3 KB
4 KB 501ms
15ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Fri, 06 Aug 2021 15:48:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5022532
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyGFXYkl5A2kT8aDRBTzUvKMFhUvqcA3WoQd91B60rm%2FQLlofhs7Z%2FNO6kZAPhnvJ8lCTw5BWkwFlHmmpZhYzeGEmJduaGgK177vGEuLYpVDA0SPPQBDKvq%2FWt5eHtNFw5EsRry5iVO2lPplgv7wvo0hOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67a969024f40c272-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7028 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 15:28:43 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84BF 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=200&adk=738672978&adf=3931349002&pi=t.aa~a.1263416195~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x200&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=1&bdt=1128&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280&nras=3&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=uFfZQGisdA&p=https%3A//bullshireonline.com&dtd=82
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlycppTYdfo_VaXvO_fBYbkdRA4lXm6fU-YjdNbDtpv6WDf6U2cW2416BfTdtc; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=200&adk=738672978&adf=3931349002&pi=t.aa~a.1263416195~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x200&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=1&bdt=1128&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280&nras=3&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=uFfZQGisdA&p=https%3A//bullshireonline.com&dtd=82

Response headers

content-type: text/html; charset=ISO-8859-1
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 06 Aug 2021 15:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 99EE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de9be251d232cbbb743a188008727eb560c7b6353e32a10dfae88068424af3b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2448510888.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 38 KB
38 KB 38ms
37ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2448510888.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b4bfc99940243dd616ed1c9385c9b887334aadb83d770590bfc7fc45cdfb00

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 12:59:57 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 18:07:19 GMT
server: AmazonS3
age: 10117
etag: "906cd4f2e26203308ad873679b2d4b40"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 38503
x-amz-cf-id: pICcmMzBAedbuvo4FFC0itvBQhZWhFVBfNnZezhU9AgDmUYjCAz1qQ==

GET
H2 200 2439535810.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 19 KB
19 KB 39ms
37ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/2439535810.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3f83504fab699bdd480c7380a55bfd115c5c8283678d236a0b955bfc5c73919

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 16:35:24 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 01 Aug 2021 11:09:30 GMT
server: AmazonS3
age: 429190
etag: "43b2c17e5e883565494189acb6a1b81c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 19028
x-amz-cf-id: FiykJhxuljdcyJlcwMCm7DGtamoyMuZ6j0-hNPUSb-MhUDwJR8uz7w==

GET
H2 200 407473682.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 148 KB
149 KB 38ms
38ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/407473682.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3b20b45e0c7fbf60bfcb3db99db384a057f117141f159dbc7407c551a908676

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2016 15:50:20 GMT
server: AmazonS3
age: 173707
etag: "ff8595153d7179522b30d4170934bf19"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 151829
x-amz-cf-id: bTH6SSNM0hPwEA5Aba25DkTMAC2SwmTiW3t2eoRH1Rp1y-OhdQthhw==

GET
H2 200 407473053.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 217 KB
217 KB 39ms
38ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/407473053.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10e39c3e87e7004e24c39242badcc0525fa1e14d099a17373965107daa259e03

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2016 15:47:49 GMT
server: AmazonS3
age: 173708
etag: "81f3e0fd93ef6f30b16e67957a3d7f21"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 221952
x-amz-cf-id: mSvd9WtnXCncoDncvvcSNLqfkt4coPCLw3EJBO6R8kwnH50ah-ocdg==

GET
H2 200 909986202.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 110 KB
111 KB 370ms
369ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/909986202.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a89a657a8d9c5833552de4a0d4d5768b506358f712bfb380980ed4ba1c47d18

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 24 Sep 2018 10:21:11 GMT
server: AmazonS3
age: 173709
etag: "4b6a9c509907aff43706e4670e94890d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 112940
x-amz-cf-id: EImoZp1hM5ikOeUZ40M78t1NEolIelBdqMDOvhmpf9C-nbbKoPuSQg==

GET
H2 200 877987856.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 34 KB
34 KB 379ms
378ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/877987856.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3608ebce54a401f4578d2b739d6e528c2035c710588df8c36ea1b6c7725d21a1

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 10 Aug 2018 08:13:41 GMT
server: AmazonS3
age: 1998387
etag: "da1ebcf12de2bae56ef02bd9c46a4bfa"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 34414
x-amz-cf-id: 60STT58qj6xb2XB7VQpIVeo8rUmCPmZzlqBQTiRJp006fkQ2rDeAFQ==

GET
H2 200 441251381.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 162 KB
163 KB 351ms
349ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/441251381.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f402bac93da6ea7a6054bdb205c9fd738331d24bfc8eadcdce9d9491da7ed25

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 07 Nov 2016 14:23:22 GMT
server: AmazonS3
age: 173709
etag: "931632f57b73e607a9b6411c6129159d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 166363
x-amz-cf-id: 8gtQtaDSteB1mkfLx1F6iEXLRuLir1SnoSYrTV3MAB5qgNW0e2aSvA==

GET
H2 200 846827691.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 62 KB
62 KB 362ms
361ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/846827691.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e77daba1bdbd6f196bc9c6b074c18697df3d4dc68abb3baf8e966fa0cfc5667f

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jun 2018 14:25:39 GMT
server: AmazonS3
age: 1998387
etag: "e63228a15605ed06b0af37937ef9b418"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 63125
x-amz-cf-id: Orfg4a8F9_A4AQ0SxXkUy1H-YZiOJUBRZUjq7JB0fNeCGPXvDfRTkg==

GET
H2 200 569204958.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 53 KB
54 KB 357ms
355ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/569204958.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1adf7e8634e3bf4dc731191135678d3c538fbbd3440ccc915b0629cc95092be0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2017 13:31:15 GMT
server: AmazonS3
age: 173708
etag: "343d9f9282212e6d02cb936272ff72b4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 54513
x-amz-cf-id: dC_EzdnkvF5hsEAhYUaykKOdz557SU_YeGOebHzDAvOU3pML-QOMSQ==

GET
H2 200 509236629.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 54 KB
54 KB 640ms
640ms Image
image/png 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/509236629.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b63169e944c016db6599d9d359475c91d20134ff486309cf5f4132175bb3ca9a

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 11 May 2017 14:25:02 GMT
server: AmazonS3
age: 1998387
etag: "0d40b9b7d718d46e6f014da8ab2d8e34"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 55351
x-amz-cf-id: rCHbbfYMIx7_kGA17UggQpI11xjm4iTAt-A-rR-sKlmbX6QgpOyWcA==

GET
H2 200 502722089.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 59 KB
59 KB 330ms
319ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/502722089.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d145b4225c2ced7b3f98f440bd1832268ddc38530a7f8d49c1e91004e710d53e

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2017 13:13:42 GMT
server: AmazonS3
age: 173708
etag: "3cc3757a661132e03fa3aaaaa373ca46"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 60449
x-amz-cf-id: 9BNlJdz3SiRmlJNIlNLrTHKAFvWaymvKGkSjzRByRN4BhU6CQ1ePxw==

GET
H2 200 493613205.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 78 KB
78 KB 328ms
316ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/493613205.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e545ca906c53302e3d2a111e09b1feb211e23d6f38a6d32e751967f023c2f755

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2017 12:13:30 GMT
server: AmazonS3
age: 1998387
etag: "145c47564e759436be9916c071690b4f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 79786
x-amz-cf-id: 13qw-szrNNorQ_gsT_O2HAQ8vsZY3lTSDzsq6V-EijPDJqhWDN9B4Q==

GET
H2 200 442916278.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 192 KB
193 KB 321ms
312ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/442916278.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d30b22b52ba9d5630ec2e0ef50e537d5f5c175397970898e967a8c8e4ace190

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2016 11:42:07 GMT
server: AmazonS3
age: 173708
etag: "7cdb76a2fab7546c2bcf06f69bc604f1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 196589
x-amz-cf-id: sfRXcBiTI7sM1FAXalTs-ZE7_sI44WHBTTwlfoWgN7teU-QEeFdZKQ==

GET
H2 200 438921779.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 140 KB
141 KB 327ms
318ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/438921779.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c32562c07266e5fcad9e4c99fec33cd60a2d547718dbe0d6e83a89014a4288aa

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:42:08 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Sat, 29 Oct 2016 11:06:51 GMT
server: AmazonS3
age: 1998387
etag: "b8d4737efcc0e7b78c56675b20f10736"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 143610
x-amz-cf-id: Y6vY9_P1Fy4oOMMIS50n1bHl1IjoPaPQJ2G1zRf3AgnNdcXDeVfjqA==

GET
H2 200 404279477.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 149 KB
150 KB 91ms
81ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/404279477.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 980bdda701ece36cd42bb86084394a2f05801e8323f275475904c51232381618

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2016 19:07:51 GMT
server: AmazonS3
age: 173709
etag: "ffd6c110a7fc0c5000184fb804f150c7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 153036
x-amz-cf-id: uNyMKguG63yukTMS8tF0dcEvFN3CeyQ5vl-CyOCwvKIiJqyfpuKMbA==

GET
H2 200 408052893.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 318 KB
319 KB 95ms
86ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/408052893.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9364a77f7f7661d3e7a0948f31c641e7c100556a846fbf06c72d5e2939b19c11

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2016 20:06:26 GMT
server: AmazonS3
age: 173708
etag: "e12778dea9ebbf41bf883e9f790d3609"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 326001
x-amz-cf-id: GFj-IDQlUXQLpf9KsWxqXvbpodVQNcjW0UsH4Mv0i12FzAsNwxEGdQ==

GET
H2 200 407485153.jpg
d2j6dbq0eux0bg.cloudfront.net/images/9383088/ 307 KB
308 KB 150ms
139ms Image
image/jpeg 13.224.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/9383088/407485153.jpg
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-112.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14e53d0fdba943953f9518df1259b201abe094302b7774b32642cc61c71069dd

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:33:26 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2016 15:53:01 GMT
server: AmazonS3
age: 173708
etag: "1a88695560cab7430ba31e29f342b291"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 314851
x-amz-cf-id: CWldZwP66n0wsfBEjtNuAJtc1AVgjDWNu8VpSq1JtEMNw5L551qP3Q==

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
819 B 536ms
189ms Image
image/gif 23.45.106.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Store%20%E2%80%93%20Bullshire%20Online&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1628264913954&g=-120&completeurl=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: bullshireonline.com
URL: https://bullshireonline.com/store/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.106.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-106-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Aug 2021 15:48:34 GMT
P3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id: bffeca266a09e
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 06 Aug 2021 15:48:34 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 996C 2 KB
2 KB 36ms
36ms Document
text/html 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D

Response headers

date: Fri, 06 Aug 2021 15:48:34 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Fri, 06 Aug 2021 16:48:34 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1104756
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afKJt%2BdsswghOukkMmj%2F2KMUZu3BWrdQqPLj27iFw7jI30eTFcxjt3gDwah7YxpzNRvE3ODG%2BmZOTAE%2FQbLeNWfX5Y5NL7FMb2c7OkH3eGMomcRzvDUJrRNmv5jOoboKau9KyHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67a96901fcb7c2b8-FRA
content-encoding: br

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6516
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

59ms
49ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlycppTYdfo_VaXvO_fBYbkdRA4lXm6fU-YjdNbDtpv6WDf6U2cW2416BfTdtc; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 16:48:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BD9 35 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 15:28:43 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/ Frame 29D8 12 KB
3 KB 27ms
12ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657632a4aeabd8a85d83f1dfa3ca13234a51d33da48bcbfc890baf3499869e95

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7458881209570198795/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3025
date: Tue, 03 Aug 2021 01:15:32 GMT
expires: Wed, 03 Aug 2022 01:15:32 GMT
last-modified: Thu, 11 Feb 2021 09:56:42 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 311582
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF5A 0
0 69ms
43ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C216I0FkNYf7FM42PgAe4oY_wBKCykfZjnqqD3qsNkO_Ex50WEAEgrdbXJWCVAqABo9awxAPIAQmpAveS9xSAzrM-qAMByANIqgTSAU_Q9zH1Ey0fORKkeGicwhoRhdz41ghJWBY-K62b44HJUWhiIKE2gb9QZEPjoniHmh_-BV0o7WLLMDcmwUSTsPSZ5uc6yDUo7XixPeY5SRJYP20Hhas9a8-VfabI_Xz5EpvI55JBtyfPOInxutMBK8xolv2el6AS-3v_lWkfyvKJO2LH8MeTxkGLGaW4rB7v-ByGl_7eebQHTj8LACN_fdwMIzY4yvIJlqX7NDnunY37JSaW0jjd9-RST9zAlkUEbZ6kAY-igt2dEw6pQB4G38jvzMAEx8-0vrICkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8WpzzuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQxuMD0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTcyODAwNjY0MDk2MDA3NzE&sigh=QaobuJRXzeM&template_id=419

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=100&adk=2205331714&adf=1704077290&pi=t.aa~a.1263417226~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264912&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x100&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911130&bpp=1&bdt=1138&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280%2C339x200%2C1005x124&nras=5&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=4770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H-YCWT5xQgCCxjxm0XMpBUZfuEuZZfTUa1IAD-UBNKIi7-D_w3-P3IJqfMfb_-sL-q-q_OkvrdPDp8pmxPsy8UgrGm4RuaZ4OxjF98&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=gxKKaWdx8q&p=https%3A//bullshireonline.com&dtd=1697
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 06 Aug 2021 15:48:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame CF5A 18 KB
7 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=100&adk=2205331714&adf=1704077290&pi=t.aa~a.1263417226~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264912&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x100&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911130&bpp=1&bdt=1138&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280%2C339x200%2C1005x124&nras=5&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=4770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H-YCWT5xQgCCxjxm0XMpBUZfuEuZZfTUa1IAD-UBNKIi7-D_w3-P3IJqfMfb_-sL-q-q_OkvrdPDp8pmxPsy8UgrGm4RuaZ4OxjF98&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=gxKKaWdx8q&p=https%3A//bullshireonline.com&dtd=1697

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:47:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame CF5A 2 KB
1 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:45:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF5A 124 KB
37 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame CF5A 14 KB
6 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:42:59 GMT

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 99EE 0
20 B 38ms
28ms Other
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNnDib3fnPICFcEW4Aod5EcNAQ&gqi=z1kNYZvODcrX3wO08reQBA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10E8
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKqtJ-Ggp00kFv4r6H9J64E&google_cver=1&google_push=AYg5qPIasHYIL2FPZp6t0nyPrs5MDADIbT44nKZayyInan3vGOfZVJsPGa...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIasHYIL2FPZp6t0nyPrs5MDADIbT44nKZayyInan3vGOfZVJsPGaO6uNomGCIUINFnWVADeRLK4JqX-fZcTBXVBUh181iB&google_hm=IFvbsU...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIasHYIL2FPZp6t0nyPrs5MDADIbT44nKZayyInan3vGOfZVJsPGaO6uNomGCIUINFnWVADeRLK4JqX-fZcTBXVBUh181iB&google_hm=IFvbsUWqwRTEaKUPtNGHLA

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIasHYIL2FPZp6t0nyPrs5MDADIbT44nKZayyInan3vGOfZVJsPGaO6uNomGCIUINFnWVADeRLK4JqX-fZcTBXVBUh181iB&google_hm=IFvbsUWqwRTEaKUPtNGHLA
pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10E8
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJIiGZmfWQnz1iPGpq7cDQap3DUmrrfEFiApBH...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVExWjBnQUFBYWtTeFM5WA&google_push=AYg5qPJIiGZmfWQnz1iPGpq7cDQap3DUmrrfEFiApBHbXKfDL8oFR8HhVrDSUN3BNH8nDILKlUHx0WD7J3dFc2pTHWgtUgPvhTtA

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVExWjBnQUFBYWtTeFM5WA&google_push=AYg5qPJIiGZmfWQnz1iPGpq7cDQap3DUmrrfEFiApBHbXKfDL8oFR8HhVrDSUN3BNH8nDILKlUHx0WD7J3dFc2pTHWgtUgPvhTtA

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVExWjBnQUFBYWtTeFM5WA&google_push=AYg5qPJIiGZmfWQnz1iPGpq7cDQap3DUmrrfEFiApBHbXKfDL8oFR8HhVrDSUN3BNH8nDILKlUHx0WD7J3dFc2pTHWgtUgPvhTtA
Date: Fri, 06 Aug 2021 15:48:34 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10E8
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENgLGhrW0p0EOs9BpfOaLX4&google_cver=1&google_push=AYg5qPLqgyQGUXYeg9m0vUuvB-uC78IQtnaeqo2XVI0KOYUNCxAbcU1-7ZRekqPYVIJKnRvxf2bO-IYAhK8iR9MDs1aoXeehLx7_
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLqgyQGUXYeg9m0vUuvB-uC78IQtnaeqo2XVI0KOYUNCxAbcU1-7ZRekqPYVIJKnRvxf2bO-IYAhK8iR9MDs1aoXeehLx7_&google_hm=_R9j17Jlwu4rmCNasRWRrg==

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLqgyQGUXYeg9m0vUuvB-uC78IQtnaeqo2XVI0KOYUNCxAbcU1-7ZRekqPYVIJKnRvxf2bO-IYAhK8iR9MDs1aoXeehLx7_&google_hm=_R9j17Jlwu4rmCNasRWRrg==

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:33 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLqgyQGUXYeg9m0vUuvB-uC78IQtnaeqo2XVI0KOYUNCxAbcU1-7ZRekqPYVIJKnRvxf2bO-IYAhK8iR9MDs1aoXeehLx7_&google_hm=_R9j17Jlwu4rmCNasRWRrg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: t9vd7d36gp9218dgipr9f1k595iaet1f

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10E8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJIgVC3xje1FDek-ZnZGCoPRv-IC3DGJVh4CmkqKlCT7Muq2uXj3CNswke2qvoxEd0hNAHXmlpX02lneLoY9YTc6lx7a4

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ms43Oz0uQE-7V90j4oS6ig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJIgVC3xje1FDek-ZnZGCoPRv-IC3DGJVh4CmkqKlCT7Muq2uXj3CNswke2qvoxEd0hNAHXmlpX02lneLoY9YTc6lx7a4
date: Fri, 06 Aug 2021 15:48:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10E8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxtD4Q9KCvYwlSHVgsBt2E&google_cver=1&google_push=AYg5qPI40ukNnGyFEUSEQI1i6HTt3EMl6VhI2niN7nPtbTY1fU7IBaWYGn46vhAHQIXF0AgRQIU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwVFAtMUstNk9GVw==&google_push=AYg5qPI40ukNnGyFEUSEQI1i6HTt3EMl6VhI2niN7nPtbTY1fU7IBaWYGn46vhAHQIXF0AgRQIUwcQEcvqyxPIGWsuMNmZpy1U6o

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwVFAtMUstNk9GVw==&google_push=AYg5qPI40ukNnGyFEUSEQI1i6HTt3EMl6VhI2niN7nPtbTY1fU7IBaWYGn46vhAHQIXF0AgRQIUwcQEcvqyxPIGWsuMNmZpy1U6o

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1MwSVcwVFAtMUstNk9GVw==&google_push=AYg5qPI40ukNnGyFEUSEQI1i6HTt3EMl6VhI2niN7nPtbTY1fU7IBaWYGn46vhAHQIXF0AgRQIUwcQEcvqyxPIGWsuMNmZpy1U6o
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 10E8 43 B
297 B 152ms
20ms Image
image/gif 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEpPpIts-9pCI5JYhwlcWAQ&google_cver=1&google_push=AYg5qPKDnofMNSwdsUgwa4Elm4QPc3Syfj370cr8FQHaxZQp2EKyxxi0aek5Q8IjQOIAZeCfEnQj2uRxfc4xbzRz31P2DAPWeonb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=280&adk=3341392137&adf=3464414444&pi=t.aa~a.1263416195~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1628264911&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x280&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911120&bpp=15&bdt=1128&idt=-M&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D04467d7bc900b030-221b8b8c93c800f3%3AT%3D1628264910%3ART%3D1628264910%3AS%3DALNI_MYv7puwBubkr_S_XY_qFTA0Sk74Ww&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280&nras=2&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=GQ3Y7Uq4ne&p=https%3A//bullshireonline.com&dtd=67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10E8
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEITcEpVqDdhM83jtTuEJgTY&google_cver=1&google_push=AYg5qPKgoETz1o7AiIiiX1r1...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgoETz1o7AiIiiX1r11khcX1RrJjZGG4m-pTa6RST8_6gKU-RUDAardT9Pmku9Iqqy7xYUcEEIeMPrR9fWUs-jt2WthR5u&google_hm=

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgoETz1o7AiIiiX1r11khcX1RrJjZGG4m-pTa6RST8_6gKU-RUDAardT9Pmku9Iqqy7xYUcEEIeMPrR9fWUs-jt2WthR5u&google_hm=

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgoETz1o7AiIiiX1r11khcX1RrJjZGG4m-pTa6RST8_6gKU-RUDAardT9Pmku9Iqqy7xYUcEEIeMPrR9fWUs-jt2WthR5u&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 05 Aug 2021 15:48:34 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 10E8 0
12 B 124ms
35ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-wU9Kil0QmUBuyyFAZfYNbcDfu_am3UbtMbfrEIuXw38ezr0XewrsAxPKxoFaeheOtSt4cg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F81D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlycppTYdfo_VaXvO_fBYbkdRA4lXm6fU-YjdNbDtpv6WDf6U2cW2416BfTdtc; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 16:48:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame A6C6 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 15:28:43 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CEC1 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=100&adk=2205331714&adf=1704077290&pi=t.aa~a.1263417226~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264912&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x100&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911130&bpp=1&bdt=1138&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280%2C339x200%2C1005x124&nras=5&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=4770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H-YCWT5xQgCCxjxm0XMpBUZfuEuZZfTUa1IAD-UBNKIi7-D_w3-P3IJqfMfb_-sL-q-q_OkvrdPDp8pmxPsy8UgrGm4RuaZ4OxjF98&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=gxKKaWdx8q&p=https%3A//bullshireonline.com&dtd=1697
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlycppTYdfo_VaXvO_fBYbkdRA4lXm6fU-YjdNbDtpv6WDf6U2cW2416BfTdtc; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280066409600771&output=html&h=100&adk=2205331714&adf=1704077290&pi=t.aa~a.1263417226~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1628264912&rafmt=1&to=qs&pwprc=5172803580&tp=site_kit&psa=0&format=339x100&url=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628264911130&bpp=1&bdt=1138&idt=1&shv=r20210803&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C288x364%2C339x280%2C339x280%2C339x200%2C1005x124&nras=5&correlator=2524259339848&frm=20&pv=1&ga_vid=2095971055.1628264911&ga_sid=1628264911&ga_hid=699367433&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=172&ady=4770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H-YCWT5xQgCCxjxm0XMpBUZfuEuZZfTUa1IAD-UBNKIi7-D_w3-P3IJqfMfb_-sL-q-q_OkvrdPDp8pmxPsy8UgrGm4RuaZ4OxjF98&pvsid=2588433812225339&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=gxKKaWdx8q&p=https%3A//bullshireonline.com&dtd=1697

Response headers

content-type: text/html; charset=ISO-8859-1
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 06 Aug 2021 15:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CF5A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cdfa7cb96c83f8d4630759693a7831ba402db1775c16c8593dadf21415f05d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame CF5A 0
20 B 27ms
27ms Other
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7t673fnPICFY0H4AoduNADTg&gqi=0FkNYaSEM6OprAT00ZzgBA&layout=/sadbundle/%24csp%253Der3%24/7458881209570198795/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 28F2 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsska3D6RRvuIpSfJ_8uJDgb57z4gKxA_RD3xzYTA5uCuYJh02ya-UAJgQhF4dyqc6oN_x260n_oYaQ8nx11LKdpK-xkx3sMEw&sig=Cg0ArKJSzD0_mWsagVh5EAE&cid=CAASF-RovJTJaxmJrh8TLkmy7w9ihsRt2NIo&id=lidar2&mcvt=1144&p=932,172,1182,472&mtos=1144,1144,1144,1144,1144&tos=1144,0,0,0,0&v=20210804&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1009447710&rs=2&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628264910927&dlt=1632&rpt=51&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.js Show response
static.zbcdn.net/__cfwsvgt/asset/script/ Frame B1D3 94 KB
34 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zbcdn.net/__cfwsvgt/asset/script/jquery.js

Requested by

Host: static.zbcdn.net
URL: https://static.zbcdn.net/__cfwsvgt/social_tab/temp2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac0d24b8cf86d2da8ca7f352e74f6c3a6af90f72973abd5fbe97fb98b9ae958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3454
access-control-allow-methods: GET
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 23 Jul 2021 10:41:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fa9cd9-178c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8cwQ5GSZBmS6L1XO%2FJfOph3xCxchZGxCZ2oJK9BDn4ZBhcSXe1cmaE5Ro0JAD9VtIQ7CQlDRjXBeyMG3WftflGXHnwnVr0RdvwahfH82Uksk7Go3DAwQgPZoFZaFofEl4EMNCNBEuya2Kutiww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
z-server: Setting
cf-ray: 67a969087bbe4a92-FRA

GET
H2 200 jquery.scrollbar.js Show response
static.zbcdn.net/__cfwsvgt/asset/script/ Frame B1D3 11 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zbcdn.net/__cfwsvgt/asset/script/jquery.scrollbar.js

Requested by

Host: static.zbcdn.net
URL: https://static.zbcdn.net/__cfwsvgt/social_tab/temp2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f3101a26e26ab3dca7e61d7c1f812e89f0a72a4fb951f93c305d5df6195032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2248
access-control-allow-methods: GET
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 23 Jul 2021 10:41:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fa9cd9-2d3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kNImNyvniKckJChraRBXsfljZrBvxZPnNCAYWo1sVo0I%2BriiwsCdVEVKwgVWZf9YGJqO5v5bK5bnQF7nU1jTd19qkVK6NhpBDeKYpEKewQY6Kyr1w%2FmtuFJVx4Bxv7giFvse3hT9ZyIDgB41rk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
z-server: mariadb
cf-ray: 67a969087bc14a92-FRA

GET
H2 200 qrcode.js Show response
static.zbcdn.net/__cfwsvgt/asset/script/ Frame B1D3 19 KB
7 KB 13ms
13ms Script
application/javascript 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zbcdn.net/__cfwsvgt/asset/script/qrcode.js

Requested by

Host: static.zbcdn.net
URL: https://static.zbcdn.net/__cfwsvgt/social_tab/temp2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80ad14a57685ba765353e8a93b46a8fad89401222107495e37e46d1604b02901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2248
access-control-allow-methods: GET
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 23 Jul 2021 10:41:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fa9cd9-4cad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3ZRCZ3gSRCgE9V5Up%2FVBpDHxqbXkDSJw8Fip8UJSmd%2BB1XEpioVsciXFcWK8omJlxUkHIh5lXsvrIaTMDwcHo9krgmMJ63Idnsl2fX3yY2X8MD3nlCWg6J3jyU0TtFM80mPz%2BJWuopQKfIXgaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
z-server: mariadb
cf-ray: 67a969087bc24a92-FRA

POST
H2 200 multi Show response
stats.zotabox.com/api/1.0/event/ 0
330 B 349ms
331ms XHR
text/plain 2606:4700:10::ac43:14d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zotabox.com/api/1.0/event/multi
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 Aug 2021 15:48:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 67a969092e794a56-FRA
access-control-allow-headers: Content-Type

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 29D8 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 19:35:50 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 29D8 26 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 07 Aug 2021 12:37:33 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 29D8 57 KB
23 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 15:48:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=193492738170200&ev=Microdata&dl=https%3A%2F%2Fbullshireonline.com%2Fstore%2F&rl=&if=false&ts=1628264915588&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Store%20%E2%80%93%20Bullshire%20Online%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=plecwid&ec=1&o=30&fbp=fb.1.1628264915587.897668669&it=1628264912620&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 06 Aug 2021 15:48:35 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
171 B

15ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 16:48:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/ Frame 29D8 622 B
654 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/imagesuv0myt5eb1rnnbxsp1ds.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27dd645979465825b043f2dd95eacb75a99dfab17f810724a5b3a9693ecbf7ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 622
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:42 GMT
server: sffe
date: Tue, 03 Aug 2021 22:48:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 22:48:05 GMT

GET
H3-29 200 028b303254ebf8cce5d82864ef4bb071.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/ Frame 29D8 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/028b303254ebf8cce5d82864ef4bb071.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7458881209570198795/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d9c678be1365ea84e0405a93d97edc04e8cab86b8e0cd10d0876a99556a306

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1822
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:42 GMT
server: sffe
date: Tue, 03 Aug 2021 22:48:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 22:48:05 GMT

GET
H2 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 60D1 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 14:32:13 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CEC1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 06-Aug-2021 16:48:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Aug 2021 15:48:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 06 Aug 2021 15:48:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ztb3.woff
static.zbcdn.net/__cfwsvgt/asset/font/Zotabox3/ Frame B1D3 42 KB
27 KB 29ms
14ms Font
application/font-woff 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zbcdn.net/__cfwsvgt/asset/font/Zotabox3/ztb3.woff

Requested by

Host: bullshireonline.com
URL: https://bullshireonline.com/store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a663045428dde255621d1cb17237dab68c89d45624bb0e6fa96a0b9a65921004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://bullshireonline.com
Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
access-control-allow-methods: GET
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 23 Jul 2021 10:41:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fa9cd9-a638"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMv5vRAdkXKAbSWizBQJXtrdRUQLWwi3XOdBftPNV%2BbMBbt6tyvgPITiLMUszgfT%2Bd78Bpb%2BaJsfeHAI5qpZr08vpcuXjTgziF9zJ9wuMAzsPR3RLP1J3EhK47KzCHbR6xUBP2d0VUu2ni9cJnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
z-server: mariadb
cf-ray: 67a9690cf9af4d8a-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 1081 1 KB
1 KB 40ms
40ms XHR
text/plain 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec1f3025060bd7fcf083308dc6236412de72d209ccab43f3fa9b19870bc02cea

Request headers

Referer: https://ad4m.at/ad/dr?ed=1heyvfds5j1hndkefdvyqpsm9b2351e59m8pm477x84qynpbyt6btcq9yxczs5wwn7h859cdxp2z2fd2a383danah3qfyys6yhdfng6m9q2r4camdxzhcq1px8yamabkgj4ntbyyeyay3q2ardpa7vhzy37ze5rj5402rb1s8qgmmpkv635nh3seq4emzkfmv6y5w89bhygdw3v17jm7zs593vz8610zxs6hvj6b25mabdrkwknnk0qprptp8t1pepavx1jsch337y28z4sc00c2m4466eyrse7vr96n0bg5parvms14crza57wqtdj73k67th40k0vnab5ae5dx5z6e3hvcchr0asbr7da59r6vrwhc8bpwx9x89m6bw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%26client%3Dca-pub-7280066409600771%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67a9690cff550742-FRA
date: Fri, 06 Aug 2021 15:48:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4kNc4cnXdxT0LZ%2B5CQBi7mWVsDERDSQT95VmXsRX02NSxfZr1fh5GOr6M7bd%2B%2FLTq0lh1qj9k%2ByvdafBQfTFE93QJefgGfYgbzNnjKfBfn%2FMLuGYbJ9BMlLhrG9YpRN6YqSMr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-rvz5

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 29D8 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 15:28:43 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 23ms
22ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1055cc140f382a31e81bd049ce32dc557ced53ef23051ad62bde052dc2c4bf39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Aug 2021 15:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8595
x-xss-protection: 0

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 3398 9 KB
4 KB 25ms
23ms Document
text/html 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c7586b2eb893e98d1ad131e32a5282d53103a4714826c7f118a0e5be1b9fab5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:36 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67a9690eaade0742-FRA
content-encoding: br

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 06 Aug 2021 15:48:36 GMT

GET
H/1.1 200
OK event
img.secureserver.net/t/1/tl/ 43 B
640 B 160ms
117ms Image
image/gif 23.79.143.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.secureserver.net/t/1/tl/event?cts=1628264916490&tce=1628264909954&tcs=1628264909829&tdc=1628264916248&tdclee=1628264910619&tdcles=1628264910618&tdi=1628264910618&tdl=1628264909992&tdle=1628264909829&tdls=1628264909829&tfs=1628264909827&tns=1628264909827&trqs=1628264909955&tre=1628264910011&trps=1628264909988&tles=1628264916248&tlee=1628264916257&ht=perf&dh=bullshireonline.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&vci=20962602&cv=1.0.6&z=1081428091&vg=25728fd4-6496-4b28-a3bb-0ef58fb6a0e5&vtg=25728fd4-6496-4b28-a3bb-0ef58fb6a0e5&ap=wpaas&trfd=%7B%22cts%22%3A1628264910613%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22n3nlwpweb041.prod.ams3.secureserver.net%22%2C%22xid%22%3A%223295476%22%2C%22wp%22%3A%225.8%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22tortuga%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%229395%22%2C%22wp_alloptions_bytes%22%3A%221278705%22%7D&dp=%2Fstore

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.143.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-143-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 06 Aug 2021 15:48:36 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://bullshireonline.com, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9B10 12 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 06 Aug 2021 15:48:29 GMT
expires: Sat, 06 Aug 2022 15:48:29 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F5D 783 B
783 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9cd627da5e0baf3eddcfe382cdf3e6915b30c939f938879c545eddcb08dfe97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2UZfYAg4hPFeu16mpm0SJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bullshireonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bullshireonline.com/

Response headers

expires: Fri, 06 Aug 2021 15:48:36 GMT
date: Fri, 06 Aug 2021 15:48:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2UZfYAg4hPFeu16mpm0SJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 3398 64 KB
8 KB 27ms
16ms Stylesheet
text/css 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:48:36 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 247289
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Fri, 06 Aug 2021 16:48:36 GMT
last-modified: Mon, 26 Jul 2021 09:04:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67a969108e880742-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 3398 18 KB
19 KB 42ms
31ms Image
image/webp 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Fri, 06 Aug 2021 15:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161324
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdvcQOkJfyLGS6St_lXHA4C3yOyhwjoObGLR_HjdBddMqNSbDNW_DVAA-8lYYcZ1anLBtUnlfXzeUWflvL1sH6sqKL2moQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KaWuqi58md%2FeHXfU4kNmvanJRwtt1s4wYERAnGzDuN3VPV9Dvi9ifNEBiqrXKROCVNWNxCRuDNjyWjtwNF2JgIetYgKd063s03EBBPOoHpdxhMaHUGRuBH2f9TJQw0Lir1NS1gs%2FsuJc%2FfE"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sat, 07 Aug 2021 15:48:36 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67a969109ebe0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 3398 2 KB
2 KB 34ms
23ms Image
image/webp 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Fri, 06 Aug 2021 15:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158472
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduMzX4OgwORASwHpVohnj_ecymkhs6BRY-aHVemI2RYBDv4yETnrYeSiLLGcpt2dASfXrhfiLcrW2J9zgdd8XVKA4H9Mw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2hpus0VJ8uqNTlUwaQpZyvzTgkJx9YkEMeZYrsbtGphLJHJwt7M7LCpgGWdy4DHHH6Bpcf9VGwMIIDi7XeJAvjKpY7ItysC21bcNERKyfDgo2WbrVpNcHSGBgc%2Bi12Ues0k5rPLS4uBZnnw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sat, 07 Aug 2021 15:48:36 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67a969109ec10742-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3398 43 B
702 B 134ms
63ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__asuid0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheHasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Aug 2021 15:48:36 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 3398 38 KB
39 KB 42ms
32ms Image
image/webp 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 06 Aug 2021 15:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 157713
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdvMH-6tN-SEmc3Wj2fssRN0BVUiSdeC1FuuzsQz3_iBOALeegR60cC-bZHcN_PjDkQvZLRiECDD3c0n4tVmaw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUvRETx1eD4DLwhn2XqtxCqFw4GNyTXsk4Z8a7dkONU%2BYHpMGhxqIyn%2Bh9N4%2FjGROkAok6ISJxD12MNHbDru4yTCXqGcoPL314UaOPYlKWcFD%2BwUwzeDwKKD5AdM3zNNjZdPI%2B2n7494%2BiAy"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 07 Aug 2021 15:48:36 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67a969109ec00742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 3398 113 KB
113 KB 38ms
27ms Image
image/webp 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 06 Aug 2021 15:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166534
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdvqAG6InbgYhsJgGdF5b4Q5DynIN-AednGBaOc3dZPHsAAbCfKAQTNU3BVtNATNgGXBdJJ9k9ayrPfNWpqrWg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn6jnuSmqTvB2uB3V644W3m5ie9uq4Wb%2BSmvFfrOucNRYwqOnSzXANCVMRB7H6QB%2Ber7YMDNSg0%2FUfP9L%2FtjqNiBFRV7xi8HaUhSRdUD3GlhbbcbRow6MUGh8gxpGfRbDAkg%2FtZnxAcG5MLR"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 07 Aug 2021 15:48:36 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67a969109ebc0742-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3398 43 B
702 B 129ms
59ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuid0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheHasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Aug 2021 15:48:36 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 3398 8 KB
9 KB 29ms
22ms Image
image/webp 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Fri, 06 Aug 2021 15:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158244
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsA6T2jkWN0qug7D0QCHKOjpecdoF4YJisPoJAgymhibcC9bPykcebQ1xT-OripMioGv1pqJghm7lFW-Js9Y0k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSDch%2Bu8DKz2umgnx6KhgcgX2JBHC0mfhywbRqAz7Tr2oKmfowEiZNgSYPhRpQvw3uJhfi83MH6OQTUFgjB%2FIp8696JszKiiNYekl0xt%2BmyW0wdzt6NoyMKyB77wBfCUhijRs5uVsVVAc13w"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sat, 07 Aug 2021 15:48:36 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67a969109eb90742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 3398 35 KB
35 KB 38ms
31ms Image
image/webp 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Fri, 06 Aug 2021 15:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162818
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdvAMcpgLipJf9rt8YwgRgF9xuOnxTXgpN0Ae7dXcJSflIzAzRKVXLbfN_fqLs_sN_s3gs9tdbDd-mmoAkbUCL-ORM_Rdw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=321g8yXJJauwh9IZMW%2F481%2FR74tUw7adhUHLIweHaXC6VcQVp7j%2BFhKZqCSKLhyq7RQtHj2IwwDUCv0LFIztTM3%2B6Cli7%2FnFsYSAtilLEa3Iif0rR7BtX97K43nBzNnu019j67ahi5xNDULb"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Sat, 07 Aug 2021 15:48:36 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 67a969109ec20742-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 3398
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COuL07_fnPICFVO33godRfQKIw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__asuid0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheHasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628264916_c32c21b0-f6cd-11eb-bfe3-692d0dec5663

0
518 B

92ms
28ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628264916_c32c21b0-f6cd-11eb-bfe3-692d0dec5663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=300&d=250&e=0d2MAqCXWv2Wl5JdI2M89T0ZfBOkNheH&g=bb8f5dc2ed37a9a99df68cd8d0b21ce5%2F16957401949476442069&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pcxyg3zf7s1nv5xv5e6gwkjkwypkx60vt2byv6y1pj90chg9e8sg0zbxqx4my1vs5nav6rc9k2sje6j6qwgrs8qftqfnfefaevhztb5f8rjc81jftdnjh5p6f8bg8gtt0rcfrm06raxe9k03vm8jkqd1nsx1jn51x5hhhpk4vdseft2syhebsvn4k1afhzpfmeja0ftpa5dej7f6w2ycvxn83vyy4wpfxfy5qmq9xdcdtcsvtm2qppdjc1c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCI8xrzlkNYfCiOcSP-gb2oKi4DpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzI4MDA2NjQwOTYwMDc3MaABwq7o3QPIAQmpAnzZXHukxLM-qAMBqgS7AU_Qb5mnSa4Y_qL1Ldqg6TDE9Gx69aHa5y9nNeRS9hAas3CCzxub0JacVMNwYu4DE0_IdmCe8TXSdF4586UKcaY6Bq7Z5wZDcYrnsBPfdITqR8Ab-tWX1qRmJ7wBsJQbZTotgEk4dWScyLBKjOb_BZzQP6q1DKQgMD65SUdrWDGk4H8NqKDIdNKfH5YHEcPIvntAHveD4A5cdAa0SEE_lNWbShgcmLvVrNZG8xUt5HLoUN8MvfP7uCCJg4aABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1REvtWrIOt52jyX9xzx5wilhpkrw%2526client%253Dca-pub-7280066409600771%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Aug 2021 15:48:36 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 06 Aug 2021 15:48:36 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628264916_c32c21b0-f6cd-11eb-bfe3-692d0dec5663
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B10 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 14:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 14:32:13 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=2588433812225339&bg=!lJell9PNAAals0SOpbM7ACkAdvg8Wsy1kiVTGOwfRt5KoXrQUMG6gXjXkg_dnxa5XESgSsCzoNsUdgIAAAEAUgAAACVoAQeZAnQU96yabWr1DBVRLTz1hd9k_PdHbZyLgzleyJkZ_xVYcktcIBHD2O9E-yfHV_Pq7rBrXVM5jTEsA0CSkuTUg9dDWsUsoiwJ0LlPmkw_jJttkzAe5sf63Dqpcv0VhoVL5QNE9zRbVvwf3DL2J-X1juvBJtliRGYexRaPErginZfN7odZvYWBN8VbM7IOWl7El4hjcNXLPpHazb365PlARNckcQ6RAQLwS8vOfinAB3BLr7m0NKomCS6FXux-veizziXXwVgh3cFNDUdv12PmG7j1GZ_-QmMYzLFTCTm4LDIa4iKXhoe9QSg9b1RrBIGJSuVLG090MUJpMm7beVx2Rq2ElUSNW8adFoANp6OLt3N5mZAmMTkuc3PojuoXLmp0Fq7mdPPXXqcLC2gQcoOH_zWgTJB2PY7nE7JoXhrEy89wVlD-l02O_fg3egK49DNV0_UmVUbhSXyG0AH7zkE_6Asj-r0Wumn-QK8SEx0puZKUJ1D4xAxwHGhx81HcZs1T9h0HFUXl9bmKEON6rO_vjecta0gg5muRaG_XEvRYpzI4BeMefM584leBy7NoHtYOaDkHgKVZhtBLoor_XoNFbHP2a4gU9NeA5_-ki8Dbi6oVenFBve1TTfYoYXcS2E5KUN0-d6JfuCDnpj1jnR1ZB9adUJuJ5ZcoY2Nj6WvDx22CtTMJDqUmSVo5ksauEFdABizpZ-KcXDqWkQ3UJQ3fDbn3wQN0rjZclMlfHfkiraq--I2m3SjBfuSXXC1GJ69oP9AAOKS_bB-EiWgdIRqRrU5pOP1cijMIxcl_xSX1iSQqzbORm-f11WdsYESE63PqZ4amSXT4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Aug 2021 15:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK event
img.secureserver.net/t/1/tl/ 43 B
640 B 112ms
112ms Image
image/gif 23.79.143.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.secureserver.net/t/1/tl/event?cts=1628264927540&nav_type=hard&LCP=392&CLS=0.08431035925292968&timeToInteractive=6637&ht=perf&dh=bullshireonline.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&vci=20962602&cv=1.0.6&z=1690843181&vg=25728fe0-7544-4aa9-8527-0584af5f335f&vtg=25728fe0-7544-4aa9-8527-0584af5f335f&ap=wpaas&trfd=%7B%22cts%22%3A1628264910613%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22n3nlwpweb041.prod.ams3.secureserver.net%22%2C%22xid%22%3A%223295476%22%2C%22wp%22%3A%225.8%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22tortuga%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%229395%22%2C%22wp_alloptions_bytes%22%3A%221278705%22%7D&dp=%2Fstore

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.143.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-143-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bullshireonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 06 Aug 2021 15:48:47 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://bullshireonline.com, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bullshireonline.com/	1970-01-19 20:17:46	Name: _tccl_visit Value: 25728fd4-6496-4b28-a3bb-0ef58fb6a0e5
			bullshireonline.com/	1970-01-20 05:03:20	Name: _tccl_visitor Value: 25728fd4-6496-4b28-a3bb-0ef58fb6a0e5

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://bullshireonline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:31 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:31 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:31 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:31 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:31 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:32 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:32 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:32 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:32 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:32 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:32 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	log	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 1109) Message: HorizontalCategoriesWidgetV2 loaded
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:33 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:33 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:33 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.
console-api	warning	URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js(Line 2621) Message: Fri Aug 06 17:48:33 GMT+200 2021 ru.cdev.xnext.frontend.client.tracking.consent.TrackingConsentManager WARNING: Getting value from local_storage - failed. Maybe your browser is not supported or this website doesn`t have enough permission to work with Local Storage.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.sitewit.com
app.ecwid.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bullshireonline.com
cdn.onesignal.com
click.driverfortnigtly.ga
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
connect.sitewit.com
d1oxsl77a1kjht.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
d2scn539ulxr09.cloudfront.net
d35z3p2poghz10.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
ecomm.events
fls-eu.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
img.secureserver.net
img1.wsimg.com
img6.wsimg.com
m.media-amazon.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.doubleclick.net
static.zbcdn.net
static.zotabox.com
stats.g.doubleclick.net
stats.zotabox.com
t.paypal.com
tpc.googlesyndication.com
wms-eu.amazon-adsystem.com
ws-eu.amazon-adsystem.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
104.111.239.217
13.224.96.112
13.225.84.72
142.250.184.226
142.250.185.98
148.251.139.77
151.101.14.133
18.198.144.239
18.211.81.84
185.64.189.115
192.124.249.170
2.16.186.121
2.18.234.21
216.58.212.166
23.45.106.90
23.79.143.47
2600:1901:0:76b9::
2600:1f18:243f:2d00:a874:dd37:27b9:63ad
2600:9000:21f3:6600:19:7012:e500:21
2600:9000:21f3:8800:1c:b536:2c40:21
2600:9000:21f3:ee00:1f:f560:8d00:21
2606:4700:10::6816:37d8
2606:4700:10::ac43:14d9
2606:4700:20::681a:d24
2606:4700:3032::6815:57ae
2606:4700:3039::6815:c07c
2606:4700::6812:e134
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9a
2a02:26f0:6c00:286::108
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef
35.186.253.211
35.244.174.68
45.9.150.63
52.94.216.147
52.94.218.163
52.95.118.184
54.86.20.131
63.32.201.39
69.173.144.139
79.137.68.187
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
056b47931e4f35afa2b8fbd590131ba86a68df09ac0992b8367b1d8e62675c70
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
061ce6c8068f9b1d91aeb1df611926a49300608287c9e49ee8190ecf7d5096d0
0756db52f8ac711fc1fb8afa390d177ce8da0f820b2a6b6bec4b4e9d7c8443ac
0b2616dc0ed3aaded1f8d884a8c0400d12a3e9b68eeb2c006215c2a642dbce5c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be41b4a412f7a4fdb18122b614403f1b3406b0ccda5a10227e74a8b94ffda91
0d1894876e60e8efac9bb0004e8446c75f57d0a7a0e92a646ef868d8edc65728
0d24e7352e1b33d146f38ebb0a8f56248abc0b1b5d1c26369f5a68eaec9dcbee
0e4b72173488c51cd6a1f6fddaddd49333e288828cb28d1f4c91d80d23ff4501
0ecd5ea9ef0c2a0fa80026966eb9739912fa1f61fa4bee79db9a1ad979744470
0f4962391b9596741409e70de4452d24cda1a1a5605ad85215ac0b1c14f2144f
0f7ac2575b51f3aded828b604cf7aa1b34b19d9a578a8bdf5966a5f975a479a7
1055cc140f382a31e81bd049ce32dc557ced53ef23051ad62bde052dc2c4bf39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e39c3e87e7004e24c39242badcc0525fa1e14d099a17373965107daa259e03
1452faeceadd009d89525f25dc2132819bc1d8897b50fa3abea4f9b454047bc2
14e53d0fdba943953f9518df1259b201abe094302b7774b32642cc61c71069dd
159bae2eb92b11e89acede38c7891d9438142fa919a3e237ddcc84b803068589
16da15aa6e405fdc34f5db5c23f9f000db59c0690afd9bb33cca32eeb699682c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19e37d15284ee5cd6fb864e73bfee952e1fa9d2174dd257a0045a8281df67a86
1adf7e8634e3bf4dc731191135678d3c538fbbd3440ccc915b0629cc95092be0
1c4071cc1429ff51a8170a99ab0fe80857c90b429e5058d80a1dccdd15e34958
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
1f402bac93da6ea7a6054bdb205c9fd738331d24bfc8eadcdce9d9491da7ed25
1f660caf5215cf88f5393d38d2153bee465ab11b2c9694b988b757ffd8ca7326
2093650b5b24f38bbedffd238a225f9d607181fc822b0b4ed302ecf8a7a288ce
216aa86951eed9d7b7ea45c2498c818986f8bd87591fc9a46f6e37813080d778
22cc88ba1b04743117a705c32d3f9680ec5dfd60f560dace2754063fbcea2d55
241b8a4a2a7360f474660b01ab99175d80684db959401ad1a8faf2f58a35be58
2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1
265cf7b936633de235e89a655b950dfb9be96673a25d7f221752d4341903b06f
27b735a808975c0cdec2f759ba4afd7a47c63ca87d6e614fce067c677ba5048e
27dd645979465825b043f2dd95eacb75a99dfab17f810724a5b3a9693ecbf7ba
28cc56fdd20d572eb1d79797f0deb9f039c7ff6fe0900da762874f766b580b2a
294250100f6d8e424a4e75c49539f5281bd308b22039e01f1cc86f94dee17e79
299f076b3c5588b631445c20bfb228e53f1fea573910ee6552711851f408c23c
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36688f50451e7fa9efbb5dfd2916a0aea8a26adae312ac7dc1b79951c10e39
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
32b996f4376a4a0b0f03fb52aa66bba41b68e2b8cdef0e618f3346de3c8cfef6
342ce775dd6a845824c50cef855d4a835714019af703a1ed5bd3f6f748be3523
3608ebce54a401f4578d2b739d6e528c2035c710588df8c36ea1b6c7725d21a1
36393a51e7cf62e69dd1dd3be6a98945bd9f40b038900f1b893b09819527ead7
371e561430efd837e56e2e5e074940701d5334a11059a31af1907ed002e2e61e
37a5c4a4d8fabe2dae48fab75d416320dbcf363dcfa188638d0ca05ca9042d71
38fb0acdec490c31e3943ca173a05025af91459eb0210d6debc451347d6096aa
3ad0a497ada041aea5414d6819439957d936ead1e4f0d1b49ceffceb5bda8a3a
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3fb62cb10b254746c2c30036621eb112960a6e95fbcce9eb5edab8b61d089ad8
40b569995131e7d1d8a6c2ef0b6b824789a773eec08d785865c113633c448b18
41270be5987fb3700f7b67124f1b682d5f9b26f86979ccaad396c45c57c20a0e
4413f4bb72d15fbdbf6d9b12930f3a42c7670d0d4823e3aacefa6ad94df85b92
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
4731e21d2d3ccca8e8251a3c1a7cc18fea5fc9aaff29e4ec4721074d29225f6b
47cace1d6871bfe05d91b009931d496fb7bd6d68d656550dce95818f9f053356
4810a9a8efe61a290874f118d4d1ebcb6c852a30e263da453c1a3154f89d3f73
485e3b5ca3bd94222a5e9a5afcdfde3b7dd7559e98aba39b47b0eb2d3329e288
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4a698969c671ac1a096d6d9e598220f1643442fb6d617c7b3afaed13b1fa2131
4af9cbf413eec1d541070c3d619cfc084485f4f7cb5533b300c5b33476f47f4a
4c7586b2eb893e98d1ad131e32a5282d53103a4714826c7f118a0e5be1b9fab5
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4db96363dd835662f6ed67c4f903aeceb027ba452aa87b05227c76360513aea6
4dd644b939aac714e8fe85ab3bef02224534c5c3889bfd6f2ce8ebe8e5038eb3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53454fb170d4a873be79bb3fa37447a64f994b78f4a276e66d3a3c6a8f1dd097
53da42715cfb9c1dd807741c87cb0ca0f27692a36da9aad9fd01927cc6971374
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
57811d35963fb72200c505b6cf3c3ae5bf001da1616dd22f1219e0595a9b7bc2
58fe68d900121ac03680a7b7df8b303d7095576a045b30622282527457680508
59cbfdef4f2a9a846d7f98276813927762f7f67851c64975563139d17d47620b
5adea377e0fe5a36535cf7fbcbbd9bff8651b006ca145856112cdfaa8080a328
5afaf3367c835ba8710454805a1234a6686ffedd1f01aa97cc68f0d7272f69e6
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d49380623ce55b9f88bb80d034292186db3a18965fa9c14dbd0c8b629a3198b
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
5fc1a185eca2d0148fff2127bead645bd412bcf89313e4c3ec70b81a6ca63935
6061ef06912cb06ded3a844d6335ea9bf89112d0424437bb5f6b29c50308b56c
6310afc6b083799134ea872e83464c204f87e0963ec77d675f732682d6a06c67
631c2a1cec54c119bfd02f87fb57665ece43d8814d151c0330d38025980c6e07
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
6375d4a9aa6b166535037067fee56595681a6560b73296ec562c8d37f89c21e2
63d9c678be1365ea84e0405a93d97edc04e8cab86b8e0cd10d0876a99556a306
643ed328f10ef05ed3e79f760678155cecd00dda60845b72a76f014845d9ceab
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
64eec022883d7979664691a9fbe1b077c8288e0d4e08ad847dd73efbffb10603
657632a4aeabd8a85d83f1dfa3ca13234a51d33da48bcbfc890baf3499869e95
69aa2a4522ea8a79c18dc0277497413e47a9090f2e65cbc98577bae67b5632ab
6b60b8221d853ed0edf3dd19c90b0d713f7c8a5423f1cb04d47d9bb348b71629
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfd149629ab51683ae226d39f8e675f9a6d14633849ac8907214c952642baf6
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
71dd241463aa91042d13b2c6aaa01b6b8729272e10c499f5440630adfe58b628
7213837405a71f7beb4f15cbbfb217995e5b25daed87b347770eaa6e889f9db5
73b4d861db575a89dbec8b109d9eed31c1aec249694bcbd238e7e532e2e723fd
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
753ab8f327c72a7257570b91b7442145f02c29bd47dff03c2554d6a475b8ec1a
75f3101a26e26ab3dca7e61d7c1f812e89f0a72a4fb951f93c305d5df6195032
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7a89a657a8d9c5833552de4a0d4d5768b506358f712bfb380980ed4ba1c47d18
7ac0d24b8cf86d2da8ca7f352e74f6c3a6af90f72973abd5fbe97fb98b9ae958
7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e
7e07a69eebbba972a495642ed0bc76297a562609b4822506c97cde53e879a896
80ad14a57685ba765353e8a93b46a8fad89401222107495e37e46d1604b02901
81c7685af96badd81fad41fff2e20d53306a6b33c8662ca5821ba36622f6b4f9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b4ac2d6e71d67312e4a04ccbd0236314ad7d5e104ac2e8c454877c60725bf4
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8920176024bcd1125f115e463b13d79862d26782882e858546330ce51627e3b6
8cdfa7cb96c83f8d4630759693a7831ba402db1775c16c8593dadf21415f05d5
8de8a317421636f96a47537ffa3d36a4e3f9a28af23be750a4c291de152bac21
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918d8d777261a9db1ae8fb6a57a8f7aa394b68f20d437aa7b21677240509a994
921995dbdcaaa1cedca0f4b3bda3718a66f6c09f69922d935a58eed193cc39f6
9364a77f7f7661d3e7a0948f31c641e7c100556a846fbf06c72d5e2939b19c11
945f3d9ee1fa85c1d65efc0638f16ae187b70ddf5159fa66347f64e45971e313
94e8e1dc7c4c175e5fa22f9b0032f3e1e2b44e30cab8bd3989af6c3b29970b99
95c12caeceb7bfb2b4864398e304b19ada0e62ba4f49ee6a18539ab7db06e15c
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e
980bdda701ece36cd42bb86084394a2f05801e8323f275475904c51232381618
987ecf2b25f10b5eaabd09e48df6dfd5b8739a79ea0ae887317798fcaaa83a98
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d30b22b52ba9d5630ec2e0ef50e537d5f5c175397970898e967a8c8e4ace190
9daaf6a99d8c7256a8d39853f5529ae92a3704423e6d627a3e496ba04e71e62d
9df2e8e636d2f6fe9edf0e6195a97ddc9fd742da9b1ef56dd9dc15dfc24418a9
9f2bb6a699d5f7e9acc76f7c388244e7d60b3bc4fd01a349dc576276a3a7c98b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0c4064429d7902ad44fac5cf62f8927d8697ec1e56ca6db6c8b64557d497360
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a245748d482185e8b9450e85faf4fae2b606f34fe75a060455c25345c521f856
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e496e3e1e9869eeac6631ae7989cac969bc3ef9522578587ebaa840d218e16
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a663045428dde255621d1cb17237dab68c89d45624bb0e6fa96a0b9a65921004
a9934015919c242c6cf20cda6c96a85e19f86343d413dcf8d6a121197ab4da3a
a9da7735ab8deb5319b92d41c73f696b1867ef6838a4b564b02971a4fd979310
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
aaefc893ba7cd0a964810b7923f85d6345c1f91df3c3e88e0f46937abb162d98
ac344a7303f59b11c699f7f42b0d5fb9c380c1e829e68f801cbe0cec8a2a442f
acc1d26fa255f9331bfb1a8c4dff20737a03c136890f197a3ccf85a22b33a09b
ad59a5a6b59a97bb2e46daadcd01a8e5366fb1513e71ecd9a055d7d6611f45a9
b08bd2e81df7790230135e81ef598de03213f5b4933b285e496437bbcbc2e3c3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d493880a2dc3a251460ef4b1d97e29682f92165b4a3594eb895263752966df
b386064729c5fe39d8c11f0848927837fc89017db6ed30c17735005dcbe7c814
b410885b37fc55461ac2df620fa28148fe4d9b65191c17ca0bd8a709e111fe08
b5d0628e911bede03fa2a96368ead88f5fa71904772b867d4428503fdacde0f3
b5d69bbcce4c1cde21dfad4641b64ed8908c705cf3bf167001a806fab5137740
b63169e944c016db6599d9d359475c91d20134ff486309cf5f4132175bb3ca9a
b6c603ed33f28c9811402ee922568d41a06e7ba28af188ca9bdf9ab9feb6174b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba61b61c970e026906c2b9926079ff32378e8b20595731b4658741ed72f7091c
bb01cdd545c4ffe510e035732c10ea38f931fd8116c469ad133287ef12c1ddee
bcd0d3ed3dcd01498b62bfcff4e9b8919f5357995e37240f7b809e679b5dc72a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c05b3fe98d959c819dee3853fc3203cc402a38b030c699d743bb6a3eaf62e7d6
c142116acfeb5a5b97068987d7edfe38920d51e59a004d3542b90c8cdc55a0bc
c20b52abd6276eadcaeb7e69c43a0d381c957b97bdb7c3b1e8823b4b777a00c6
c213ccac3e5b25566a4f1b6785892ef803f9e56a6d7388d31755ef266873a2d0
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c32562c07266e5fcad9e4c99fec33cd60a2d547718dbe0d6e83a89014a4288aa
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c386ca8291273295d570b147809a62712bc6dd17fc85d56acf3901b6e2a3ad52
c3b20b45e0c7fbf60bfcb3db99db384a057f117141f159dbc7407c551a908676
c3f83504fab699bdd480c7380a55bfd115c5c8283678d236a0b955bfc5c73919
c42134f2ec66be2a5bba73d528c797481f7c2e670dee935b0601dfb87bec10b2
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c71eb95d3044f28539593b358eb1b1a2f787212050622cac7cb16dab4f878016
c7480d1c800c24f7949bfc09ae816a43923d020d169da36678bebdac4de8ceea
c789eec815ff37afa447e381d40faaee3c79e18a2dd21e391510470a89add4bf
c85b9044de8cd795fc3f5ea5117d246adfb874ee103c2e82358ecaac2e42f1ba
cb59ff4ba4ee7d579b1e9a24288ce648eeda0c4336844fe39517ddd2537fd3b7
cc286b2f9166052b79b2e613d59ae8c917770a2616da250ee98b5ecedd0cc656
cc30f7b46bc71c0888305e3e2ba268408505fc3918717626dbae49448ddf33cb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
ce0c7d32f170b7bd99bb13054d541aa0e148765b818ebb839fc06ba205f7c9cd
cebdbaf528d6a8275dcc574edda447791c958d3815253129e72cb731e4074cbc
cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00
d0adcb3390d9008206a07f7907b9cfab2de30f44da8119a754a8fdab1e90b133
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d145b4225c2ced7b3f98f440bd1832268ddc38530a7f8d49c1e91004e710d53e
d2c560e78b478d914f44d979474e9e563154675a346a3797ea9436d31976ee75
d31e127cc3c20210777aa14b86d8649567c9eb27e847b73e4ab6bc5728aeef89
d37e66dbce1d939c2842419a7da4cc88f54ab1364c1052ca46bb10633c9a78cf
d551094e8b650c487f2d8648ce6721532e3315a92a9ade2dd4d397ec8adb0bea
d5e55efe212109777cf599ac832582d0b1121704917afe6e598219bcfeb7f43f
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6c35be900e0b2b5583a1b2f09bee9c3cac86f43ff2ffa95a32c50499937b02c
d7828f4ea1c13f7e062160c7fcd15eb48c9dfbd7498a670f618d6b755dfd562f
d7cbac0637d7f7e742c8c00ce3a24adfbfb05787c7b4c756b9b6d01cf3df544c
dab3eb9d69e33f7403c996133ec252a213e2dabe473d759775d1aeb2ed848b8c
dbdbf67433a0dd599ee3c91538efb8dfab196fc35d48bb8e417d5f1716a3aaba
dc09898b8a58edb1ecb4aba65aa15d9ab9679cd5b4c84fa0f1781dcb81f8c732
de9be251d232cbbb743a188008727eb560c7b6353e32a10dfae88068424af3b2
dffa9944f85400a88e322e5ef6465b5e1930c526aad5524aa7444935e91317a5
e32e9741d47c69b01a71dc28e65fcd25fba749d304abccb059708881d50a34e5
e3852b70a923432b03d32edf2d32f3a66ffdc3d0d136d2023cc00c870b4ca097
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa77ac0416c0114af8b99df46c75fa94ad61a9e16a48c1e8ff0f45cb564d52
e545ca906c53302e3d2a111e09b1feb211e23d6f38a6d32e751967f023c2f755
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e77daba1bdbd6f196bc9c6b074c18697df3d4dc68abb3baf8e966fa0cfc5667f
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ea74caa02349eb87721df87181928ccf626445beba1e49185aa30aee1417eaaf
ec1f3025060bd7fcf083308dc6236412de72d209ccab43f3fa9b19870bc02cea
ed5765ba52c79f33c9cb03fa9bdad21e0f33bc188a1d430f9365699d8fda654d
eda6d2fb1517689bfe5225d70a562cb3ed1353d9feb5fa385b12507980991a32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0241983d02e9e7f006980ab7a081de5d305e8d8c6ee8cb5d10e616e4878c5f1
f0b4bfc99940243dd616ed1c9385c9b887334aadb83d770590bfc7fc45cdfb00
f0fcc839bdd3445cba30e6832f67b4c987b64363196bb50e1f2b1caa691f1525
f32aef3eb27514abb180c6c1a61a845ac84994c8f413730e065f75a4efbd784e
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3
f9cd627da5e0baf3eddcfe382cdf3e6915b30c939f938879c545eddcb08dfe97
f9e86e00d8403f08d13cbdba8d8a993a3183316118314614ebe35486ad2fbb9b
f9f71aebd6bec05d5a39924f517d9a853d7ed16b015c39b09efd944a1f68798f
fa20d56677ffad13a3d05d2b954b5a872ff5cf902c6ce8b374ecaf62f0949d68
fa41555ce7d1f7330f85796dfda2950eabb1bf320d82bad637b1f023eea8d889
fabfd965e4afbe14ae9a6071a5300a0b9761a081e0877c41ad375af5306a1943
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
fbb3ff68378443863920ac544cbaa4386f5d75323da7206114a6e418b697393c
fc811078e34ac8cf45084ddb500d1a4a75a26572664f8388489c63bbc81c2376
fd254fb2d7b0e1042af08e2c4500637e0d9fb6f4defe405286d322a5e24c17a4
fdb9724bbed79acd867eba87875e7291ae63471f2c2bbdfe9f9b8cabfa02e642
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

bullshireonline.com Open in urlscan Pro 192.124.249.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

325 Requests

100 %HTTPS

56 %IPv6

41 Domains

60 Subdomains

53 IPs

7 Countries

7822 kBTransfer

15892 kBSize

2 Cookies

4 Outgoing links

Redirected requests

325 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bullshireonline.com Open in urlscan Pro
192.124.249.170 Public Scan

Screenshot
Live screenshot

Full Image

325
Requests

100 %
HTTPS

56 %
IPv6

41
Domains

60
Subdomains

53
IPs

7
Countries

7822 kB
Transfer

15892 kB
Size

2
Cookies

325 HTTP transactions
8 data transactions