Submitted URL: http://in.ehj13.xyz/8e31f43a-3473-4423-afef-ef34167ded12?SID=QAMG&UID=S&EID=DE-CUR-003&DPID=HD9&Date=230621&Email=&C...
Effective URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Submission Tags: demotag1 demotag2
Submission: On August 11 via api from US

Summary

This website contacted 24 IPs in 7 countries across 23 domains to perform 1023 HTTP transactions. The main IP is 2606:4700:3034::6815:30ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is tgfunnls.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2021. Valid for: a year.
This is the only time tgfunnls.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 18.195.174.160 16509 (AMAZON-02)
11 2606:4700:303... 13335 (CLOUDFLAR...)
340 2a0b:4d07:101::1 44239 (PROINITY ...)
14 18.193.146.82 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700:303... 13335 (CLOUDFLAR...)
33 2a00:1450:400... 15169 (GOOGLE)
84 34.96.102.137 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
125 37.48.68.71 60781 (LEASEWEB-...)
14 139.45.195.8 9002 (RETN-AS)
68 2a00:1450:400... 15169 (GOOGLE)
1 52.217.205.96 16509 (AMAZON-02)
31 2a00:1450:400... 15169 (GOOGLE)
14 54.192.219.13 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 34.102.183.26 15169 (GOOGLE)
14 54.192.219.34 16509 (AMAZON-02)
14 13.224.96.22 16509 (AMAZON-02)
1 108.128.72.146 16509 (AMAZON-02)
142 2606:4700:303... 13335 (CLOUDFLAR...)
1023 24
Domain Requested by
340 static-13333.kxcdn.com tchfunnls.org
static-13333.kxcdn.com
tgfunnls.org
142 tgfunnls.org tagstaticx.com
tgfunnls.org
97 tagdataxrt.com tagstaticx.com
84 dev.visualwebsiteoptimizer.com tchfunnls.org
dev.visualwebsiteoptimizer.com
tgfunnls.org
68 www.google.com tchfunnls.org
tgfunnls.org
34 in.bd44.fun tchfunnls.org
tgfunnls.org
33 www.googletagmanager.com tchfunnls.org
www.googletagmanager.com
tgfunnls.org
31 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
tgfunnls.org
28 tagdatax.com tagstaticx.com
14 vars.hotjar.com static.hotjar.com
14 script.hotjar.com static.hotjar.com
14 cdn.pushcrew.com dev.visualwebsiteoptimizer.com
14 static.hotjar.com tchfunnls.org
14 my.rtmark.net tagstaticx.com
14 pagead2.googlesyndication.com tagstaticx.com
14 tagstaticx.com tchfunnls.org
tgfunnls.org
14 in.xr117.xyz tchfunnls.org
tgfunnls.org
11 tchfunnls.org tchfunnls.org
3 www.google.de tchfunnls.org
tgfunnls.org
3 stats.g.doubleclick.net www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
1 planet2.digital tchfunnls.org
1 s3.amazonaws.com tchfunnls.org
1 fonts.googleapis.com static-13333.kxcdn.com
1 in.ehj13.xyz 1 redirects
1023 25

This site contains links to these domains.

Domain
in.bd44.fun
Subject | Issuer | Validity | Valid
*.tchfunnls.org | R3 | 2021-08-06 - 2021-11-04 | 3 months
*.kxcdn.com | Thawte RSA CA 2018 | 2019-07-04 - 2021-09-01 | 2 years
in.bd44.fun | R3 | 2021-07-08 - 2021-10-06 | 3 months
in.xr117.xyz | R3 | 2021-07-12 - 2021-10-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-07-26 - 2021-10-18 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-11-06 - 2021-11-05 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2020-06-19 - 2022-07-06 | 2 years
*.gstatic.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
tagdatax.com | Sectigo RSA Domain Validation Secure Server CA | 2020-11-09 - 2021-12-10 | a year
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2020-10-27 - 2021-11-26 | a year
www.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-06-23 - 2022-07-24 | a year
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
tagdataxrt.com | Sectigo RSA Domain Validation Secure Server CA | 2021-03-09 - 2022-03-09 | a year
*.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
www.google.de | GTS CA 1C3 | 2021-07-26 - 2021-10-18 | 3 months
*.pushcrew.com | Go Daddy Secure Certificate Authority - G2 | 2021-07-23 - 2022-08-24 | a year
planet2.digital | R3 | 2021-06-18 - 2021-09-16 | 3 months
*.google.de | GTS CA 1C3 | 2021-07-26 - 2021-10-18 | 3 months

This page contains 15 frames:

Frame: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Frame ID: 2F6E74EC3F2AA08DE46CD6774C662A9F
Requests: 981 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 4FFA90128C9356C278F00C10CCF020C4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 80D348F566CA1823268FAF8940A5E8C7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 634A942FBD7EE01FC60504AD17050E1C
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: D5DB8001D8F0D805F2D551FF7AB01EF8
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 012A40EA04B7675167513393CB090721
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: D5901E4A555F395C30297B44E438C5A8
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 895EFB9D16E73ECE2E0AF28DE03D605C
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 3AF9D06913959575BD287E25F95E5511
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 06D8CD4A5B98D507411991A02210CB1F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 47AF6D505F426DF908C19AB53F72B054
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: EBA59AC76B3DEC591765EACBCC663071
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 88C0DEBC1362AE675989D261B4F65687
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: C46F7CCD65B93B36B010582990B19AAA
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: EB5C2AFA296DE937FCBFD4DA48DBB992
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /dev\.visualwebsiteoptimizer\.com/i

Overall confidence: 100%
Detected patterns
  • html /<[^<]+class="[^"]*[^-](?:e-control|e-lib)/i

Page Statistics

Requests: 1023
HTTPS: 97 %
IPv6: 52 %
Domains: 23
Subdomains: 25
IPs: 24
Countries: 7
Transfer: 18188 kB
Size: 51012 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://in.ehj13.xyz/8e31f43a-3473-4423-afef-ef34167ded12?SID=QAMG&UID=S&EID=DE-CUR-003&DPID=HD9&Date=230621&Email=&CT=MM HTTP 302
    https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232 Page URL
  2. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  3. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  4. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  5. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  6. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  7. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  8. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  9. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  10. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  11. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  12. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  13. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL
  14. https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://in.ehj13.xyz/8e31f43a-3473-4423-afef-ef34167ded12?SID=QAMG&UID=S&EID=DE-CUR-003&DPID=HD9&Date=230621&Email=&CT=MM HTTP 302
  • https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232

1023 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
tchfunnls.org/code-v2/
Redirect Chain
  • http://in.ehj13.xyz/8e31f43a-3473-4423-afef-ef34167ded12?SID=QAMG&UID=S&EID=DE-CUR-003&DPID=HD9&Date=230621&Email=&CT=MM
  • https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
47 KB
13 KB
Document
General
Full URL
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
043fb5e90be61d9acd4dbd9079f3731b4d907b7d4cfdf9db4054461a903bccef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tchfunnls.org
:scheme
https
:path
/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImRiTUpTYThoSFgwVkRHaEQ5WmdSdkE9PSIsInZhbHVlIjoiOVROcXJ2SjdFblpxRk1KQVE2eGZJSm9wcG1oRFZZY2xTUGswenpyd0puSWo2Ynh3ZDVYUHVBNTVHT1JTUjc3SiIsIm1hYyI6ImUzZGRhNTc1MDFiMWYyNDEwMjEwM2RmZmY3NTFhYzNlNGM2NDUwNzQwYmNlYjI2OWU1NmUxYzMzYjRjMzhkODkifQ%3D%3D; expires=Wed, 11-Aug-2021 19:20:55 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlFHOEZGMUkzRmg0NVFxTDJDdlRFUWc9PSIsInZhbHVlIjoiR0lGVHJSSUhhUHNrT2VuVkdhRWhOVkdydzFjMlZEMFNxVWhQcVdzWlVMd1FKUjFXTnVOc1ROUDNzekVlT1NTSSIsIm1hYyI6Ijk1MTg4MDQ0ZTc1YzExOWIwODFmZTQ1MmI3ZGRjMDM0Mzk3NTljYjUwMTgwMjMxN2ZmMzZhYTkwY2Y3Mzk2ZDYifQ%3D%3D; expires=Wed, 11-Aug-2021 19:20:55 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HY0184cJqZTvMM9PrCJ5lnhXueHjk%2BGbLtnVOmwDwIv3zh9e5Vn8y1RnMltjBC%2BsgeFEtawC1aQagociTbPxfq0AA5WQ0xqJNdW2PajDDWJTgmTohwR3BxCzDDVQcpgy4Q6iEc%2BiS7euHOnT"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d32329fcd516ea-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Server
nginx
Date
Wed, 11 Aug 2021 17:20:55 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Pragma
no-cache
Set-Cookie
8e31f43a-3473-4423-afef-ef34167ded12-v4=8e31f43a-3473-4423-afef-ef34167ded12; Max-Age=86400; Expires=Thu, 12-Aug-2021 17:20:55 GMT; Domain=in.ehj13.xyz; Path=/; HttpOnly cc-v4=LBigE5bgmQz2Vl3JOMZLir7so32CqZYsI5%2BOMBW%2BPTbwN60VMQyeZTUnpQnKdlEZG62QCGcXK18TwB2IaXV%2FMuRb5c0bAs9AB9bXHrzY%2FxmRjWh00RaQ1EcuOVgON9PyXzYychfQ9aaDUTGqQfqCQQ%3D%3D; Max-Age=31536000; Expires=Thu, 11-Aug-2022 17:20:55 GMT; Domain=in.ehj13.xyz; Path=/; HttpOnly
forms.css
tchfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tchfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6ImRiTUpTYThoSFgwVkRHaEQ5WmdSdkE9PSIsInZhbHVlIjoiOVROcXJ2SjdFblpxRk1KQVE2eGZJSm9wcG1oRFZZY2xTUGswenpyd0puSWo2Ynh3ZDVYUHVBNTVHT1JTUjc3SiIsIm1hYyI6ImUzZGRhNTc1MDFiMWYyNDEwMjEwM2RmZmY3NTFhYzNlNGM2NDUwNzQwYmNlYjI2OWU1NmUxYzMzYjRjMzhkODkifQ%3D%3D; c=eyJpdiI6IlFHOEZGMUkzRmg0NVFxTDJDdlRFUWc9PSIsInZhbHVlIjoiR0lGVHJSSUhhUHNrT2VuVkdhRWhOVkdydzFjMlZEMFNxVWhQcVdzWlVMd1FKUjFXTnVOc1ROUDNzekVlT1NTSSIsIm1hYyI6Ijk1MTg4MDQ0ZTc1YzExOWIwODFmZTQ1MmI3ZGRjMDM0Mzk3NTljYjUwMTgwMjMxN2ZmMzZhYTkwY2Y3Mzk2ZDYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2873
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:21 GMT
server
cloudflare
etag
W/"61113bc1-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5U7Jps93a3fLliQIVx%2Bz62eLzbPaWh40Umaz4TORROUmaaSqpR2L5q4BpXXPpe5pXy6g%2FnecooM1IIjDheMrCx9kZRZSU67C3knGvAU%2FfRop4BLeX%2FTcbCIN5PODLqJwImkxt490Nloq9GK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3232bd996d72d-FRA
flow.css
tchfunnls.org/css/
385 B
764 B
Stylesheet
General
Full URL
https://tchfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6ImRiTUpTYThoSFgwVkRHaEQ5WmdSdkE9PSIsInZhbHVlIjoiOVROcXJ2SjdFblpxRk1KQVE2eGZJSm9wcG1oRFZZY2xTUGswenpyd0puSWo2Ynh3ZDVYUHVBNTVHT1JTUjc3SiIsIm1hYyI6ImUzZGRhNTc1MDFiMWYyNDEwMjEwM2RmZmY3NTFhYzNlNGM2NDUwNzQwYmNlYjI2OWU1NmUxYzMzYjRjMzhkODkifQ%3D%3D; c=eyJpdiI6IlFHOEZGMUkzRmg0NVFxTDJDdlRFUWc9PSIsInZhbHVlIjoiR0lGVHJSSUhhUHNrT2VuVkdhRWhOVkdydzFjMlZEMFNxVWhQcVdzWlVMd1FKUjFXTnVOc1ROUDNzekVlT1NTSSIsIm1hYyI6Ijk1MTg4MDQ0ZTc1YzExOWIwODFmZTQ1MmI3ZGRjMDM0Mzk3NTljYjUwMTgwMjMxN2ZmMzZhYTkwY2Y3Mzk2ZDYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2423
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:21 GMT
server
cloudflare
etag
W/"61113bc1-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idp6Aue7s3DOPdXr9pjdw1Fvlkz%2FSBaNH%2B7FEm6YEdbRvTl4cgtkCDWJ7Ub0%2F9eoskeVjbC3DqrotlXKhxJDDm2dyUjxk6QG43%2BJl%2B6bWa27hyMGm4uV%2F%2FzNet2%2BUt8eezC37hXvO5OZkf2v"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3232bd993d72d-FRA
funnel.css
static-13333.kxcdn.com/4958/build/
64 KB
19 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/4958/build/funnel.css
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f86bc4f3e44be3f65237300bb38ba8d11c8886aabeb911f14469da74a9f24edd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000468c16a-00611406f7-e448f0c-ams3c
x-edge-location
defr
x-cache
MISS
last-modified
Mon, 26 Jul 2021 16:59:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
W/"4d5957431b7938cb4668ed7636867f4c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop213.fr8.t,1628702455.cds127.fr8.shn,1628702455.dop213.fr8.t,1628702455.cds232.fr8.pr
content-type
text/css
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:55 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/4958/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/logo.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8f62e5b42279de5ac04b03ae515d1319e90ca42efc94e5e4a8a15545fc4fc887
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004694c4e-00611406f8-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
5619
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f454c65307262a12887a9ca13828e994"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop213.fr8.t,1628702455.cds168.fr8.shn,1628702455.dop213.fr8.t,1628702456.cds209.fr8.pr
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
check-icon.png
tchfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tchfunnls.org/images/check-icon.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6ImRiTUpTYThoSFgwVkRHaEQ5WmdSdkE9PSIsInZhbHVlIjoiOVROcXJ2SjdFblpxRk1KQVE2eGZJSm9wcG1oRFZZY2xTUGswenpyd0puSWo2Ynh3ZDVYUHVBNTVHT1JTUjc3SiIsIm1hYyI6ImUzZGRhNTc1MDFiMWYyNDEwMjEwM2RmZmY3NTFhYzNlNGM2NDUwNzQwYmNlYjI2OWU1NmUxYzMzYjRjMzhkODkifQ%3D%3D; c=eyJpdiI6IlFHOEZGMUkzRmg0NVFxTDJDdlRFUWc9PSIsInZhbHVlIjoiR0lGVHJSSUhhUHNrT2VuVkdhRWhOVkdydzFjMlZEMFNxVWhQcVdzWlVMd1FKUjFXTnVOc1ROUDNzekVlT1NTSSIsIm1hYyI6Ijk1MTg4MDQ0ZTc1YzExOWIwODFmZTQ1MmI3ZGRjMDM0Mzk3NTljYjUwMTgwMjMxN2ZmMzZhYTkwY2Y3Mzk2ZDYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2423
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xXgiIu9Wjz5V%2BUV3l0s8YiREvE9ub3pl1zGD7nKcw5fYyakMhVecrM5%2FB%2F2sHykxKJr2ovTgCqEIJaybUfPv4VRqRHPoRzpQuZUrpcvM94qNQNV6ZOYsEm5s6oVtLsLgw9viBUiut%2BMpgT4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3232d8c7dd72d-FRA
806.gif
static-13333.kxcdn.com/4958/images/
18 KB
18 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/806.gif
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004696136-00611406b4-e447dfa-ams3c
x-edge-location
defr
x-cache
MISS
content-length
17963
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"313d1440d21ae95e5dcfa2f447f14456"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop226.fr8.t,1628702455.cds131.fr8.shn,1628702455.dop226.fr8.t,1628702455.cds165.fr8.c
content-type
image/gif
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:55 GMT
sad-face.svg
tchfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tchfunnls.org/media/sad-face.svg
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6ImRiTUpTYThoSFgwVkRHaEQ5WmdSdkE9PSIsInZhbHVlIjoiOVROcXJ2SjdFblpxRk1KQVE2eGZJSm9wcG1oRFZZY2xTUGswenpyd0puSWo2Ynh3ZDVYUHVBNTVHT1JTUjc3SiIsIm1hYyI6ImUzZGRhNTc1MDFiMWYyNDEwMjEwM2RmZmY3NTFhYzNlNGM2NDUwNzQwYmNlYjI2OWU1NmUxYzMzYjRjMzhkODkifQ%3D%3D; c=eyJpdiI6IlFHOEZGMUkzRmg0NVFxTDJDdlRFUWc9PSIsInZhbHVlIjoiR0lGVHJSSUhhUHNrT2VuVkdhRWhOVkdydzFjMlZEMFNxVWhQcVdzWlVMd1FKUjFXTnVOc1ROUDNzekVlT1NTSSIsIm1hYyI6Ijk1MTg4MDQ0ZTc1YzExOWIwODFmZTQ1MmI3ZGRjMDM0Mzk3NTljYjUwMTgwMjMxN2ZmMzZhYTkwY2Y3Mzk2ZDYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2871
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjnnzUsxSBwY8jCagGxDQx%2BfB%2Fyvuv92%2BZSTaisM%2B7h1lQnm%2FXcPrXDPFlPxIggDqn7Oyuv%2FnlAyhVjKIR%2FFDXu%2BXKDgpJ8gk0IhdxiJzc%2FV5Hke6pz0tpuaNNbHIWdghZ4v0RduqhpfObam"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d3232d8c81d72d-FRA
email-decode.min.js
tchfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tchfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35C%2BIWWFhBRt0XwDIsKLsUyttsp1Zb1nNgQMkTxtgElR4%2FsL%2B68j7lOabBwJGi8prx01sFnxefHbSktHDY5%2BeRIicdUEql6ooqlUxTc2tcO6cMJkD6SqBaLqpBMrn9p0Pn9KnvcZuo8YMmg7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3232cdb69d72d-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:20:55 GMT
redirect.js
tchfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tchfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2873
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uLym5F7V8YAujvDTH61AFUKA0%2FNndn%2FiiHHtDH2VlQljyfL4MNyFnlH6okHc3lfmIJAWzqnDM1YUVWgYwg2QpZwcfsf9acEWJthGgElL73j48dhm72KU%2BGJF2zl%2Bnv%2Fj3u2ysnuFl0oE7UJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3232ceb7ed72d-FRA
l.js
tchfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tchfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2423
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPRBBpM0I2AUNMneJENI0z02hIW2LUUghdQhcd9GLcHvBD2EWDFzEXbnMmydQbCa2lMyqbBbeUWXHUZOD%2FGJ7c4A9yGx0WByvUNDITFQycoEoBkHrwRm1dg%2FNuBfe2DogsZJvViIL7I8BZvh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3232cfb95d72d-FRA
funnel.js
static-13333.kxcdn.com/4958/build/
657 KB
226 KB
Script
General
Full URL
https://static-13333.kxcdn.com/4958/build/funnel.js
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
44083bb64184a0d1eb3b3ed8c22464b0d00513c971cbd67a46af6c62fd27090a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000045d866f-006113f9ee-e448f0c-ams3c
x-edge-location
defr
x-cache
MISS
last-modified
Mon, 26 Jul 2021 16:59:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
W/"e64723df1a527b0c6f3145059dbe0470"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop208.fr8.t,1628702455.cds041.fr8.shn,1628702455.dop208.fr8.t,1628702455.cds065.fr8.c
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:55 GMT
hp
in.xr117.xyz/
382 B
635 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:56 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:55 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/
7 KB
746 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700&display=swap
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4958/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af62f396aa28ee283736cb82218c4369957c5d285a89f51178072abf0285db63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://static-13333.kxcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:40:07 GMT
server
ESF
date
Wed, 11 Aug 2021 17:20:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Aug 2021 17:20:55 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
720
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWPZu0nQqBGaqBBjaGVRvgm7L33DDjngigJCwYNEd6nJxCxI3o0ZHK5HXanqaX7gc1zCDDUhOEwRzJn9EowOzF3uIFkCQp6W8dGgbTnmMKbgslk0R%2Fv8SmmfN75xHUhc6RxOEiYtL36Ma4r4Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3232daff605cc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2c723e5213b23f410648cd638cadddb95a3f7b8dcb0290a1084a8564b4bd94a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:20:55 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftchfunnls.org%2Fcode-v2%2F%3Fhitid%3Dw9ice5h00mfanhm9ifuh2q7u%26qze%3D3%26aff_sub%3DHD9%26aff_sub2%3DQAMG_DE_DAILY_DE-CUR-003%26aff_sub3%3D%26aff_sub4%3DQAMG%26tpsiteid%3D24232&f=1&r=0.9359585981740504
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
40f1c2d46a1552d57763707448c18c46ff237b0b11492d1db0a216b7cf8180f8

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:20:55 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
main-bg.jpg
static-13333.kxcdn.com/4958/images/
40 KB
40 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/main-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4958/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
405bdae55bf3d462e3b4d261b3ceef97c416e941782b8112ba4e986d2ebcd110
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/4958/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004694c50-00611406f8-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
40661
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"04b838afa7fc10464d79419204907144"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop232.fr8.t,1628702455.cds142.fr8.shn,1628702455.dop232.fr8.t,1628702456.cds140.fr8.pr
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
bg1.jpg
static-13333.kxcdn.com/4958/images/
29 KB
29 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/bg1.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4958/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
586b901aeafbcb7ee4da0664b780b110d83c26b41f78eb92004849f514512ed0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/4958/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004699496-00611406f8-e447dfa-ams3c
x-edge-location
defr
x-cache
MISS
content-length
29328
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b91f536427224ea2b23aaf9c9cd83b6e"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop213.fr8.t,1628702455.cds232.fr8.shn,1628702455.dop213.fr8.t,1628702456.cds207.fr8.pr
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
bg2.jpg
static-13333.kxcdn.com/4958/images/
47 KB
48 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/bg2.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4958/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
63c15993027588fcc41d81e35dd420135e12dabb318a6f8a68b7698a47764159
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/4958/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000468c191-00611406f8-e448f0c-ams3c
x-edge-location
defr
x-cache
MISS
content-length
48475
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f740741b207dff5c166151eebd6d2757"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop213.fr8.t,1628702455.cds247.fr8.shn,1628702455.dop213.fr8.t,1628702456.cds131.fr8.pr
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
bg3.jpg
static-13333.kxcdn.com/4958/images/
52 KB
53 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/bg3.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4958/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
be240fa511cb8fe3a307d4c5240d3c6bee7a06a5d11746cc2172ff06e993ffa8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/4958/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000045e1658-006113f9f8-e457d23-ams3c
x-edge-location
defr
x-cache
HIT
content-length
53677
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"90cbdad2aacdc2353ffae1df0d2c36d3"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702400.dop208.fr8.t,1628702400.cds065.fr8.shn,1628702400.dop208.fr8.t,1628702400.cds210.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:55 GMT
bg4.jpg
static-13333.kxcdn.com/4958/images/
10 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/bg4.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4958/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9bdeafc25e98e65235db3a1996bc59250dcea6dc2ea2451b05a5f5485856a4e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/4958/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000469697a-00611406c0-e447dfa-ams3c
x-edge-location
defr
x-cache
MISS
content-length
9978
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9f959cf7908005ee4a4e58814d83845e"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop226.fr8.t,1628702455.cds150.fr8.shn,1628702455.dop226.fr8.t,1628702455.cds136.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:55 GMT
bg5.jpg
static-13333.kxcdn.com/4958/images/
68 KB
69 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/bg5.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4958/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5824c35bd60851b4a1259a582eeed0d57c56e0cc265abfcd277dbdccf1bda4a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/4958/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004699493-00611406f8-e447dfa-ams3c
x-edge-location
defr
x-cache
MISS
content-length
69856
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"4ecae72944f9b98e84c681c8bb76f1b9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702455.dop208.fr8.t,1628702455.cds292.fr8.shn,1628702455.dop208.fr8.t,1628702456.cds141.fr8.pr
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tchfunnls.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 10:37:41 GMT
x-content-type-options
nosniff
age
110594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 10:37:41 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tchfunnls.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 20:01:35 GMT
x-content-type-options
nosniff
age
163160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29864
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 20:01:35 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tchfunnls.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 23:08:02 GMT
x-content-type-options
nosniff
age
151973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 23:08:02 GMT
start1.png
static-13333.kxcdn.com/4958/images/
1 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/start1.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f09922b761c854fcec7c2b1db74b57482a9210bfe6e42db4c068e12bc8a17abe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000468eb78-00611406d4-e43311f-ams3c
x-edge-location
defr
x-cache
MISS
content-length
1277
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"dcb02c13fea52bda71e51c55f9599c7e"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop208.fr8.t,1628702456.cds274.fr8.shn,1628702456.dop208.fr8.t,1628702456.cds156.fr8.c
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
start2.png
static-13333.kxcdn.com/4958/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/start2.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
848241828371dce361ca8a9d9bb58602cae31593219d6be0664c03933c44face
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000468eb79-00611406d4-e43311f-ams3c
x-edge-location
defr
x-cache
MISS
content-length
2231
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"bac1b076d65851a69dc5966f3fd006d6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop208.fr8.t,1628702456.cds201.fr8.shn,1628702456.dop208.fr8.t,1628702456.cds065.fr8.c
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
start3.png
static-13333.kxcdn.com/4958/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/start3.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
775d5e1290a58554d757717323909ad709c1973fb599f7058e48b53498b7d69f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004694c5b-00611406f8-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
1637
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0df29b8d75a9c764ad5f97b58c044835"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop213.fr8.t,1628702456.cds288.fr8.shn,1628702456.dop213.fr8.t,1628702456.cds122.fr8.pr
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
from1.jpg
static-13333.kxcdn.com/4958/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/from1.jpg
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b34c966566c38b661c8557882b3471725f01ea87e481333e29d00c7f6c96d8be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004694c5c-00611406f8-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
5404
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"7e03bdbd5b4bb09ecfbd6f2db94a7c43"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop213.fr8.t,1628702456.cds287.fr8.shn,1628702456.dop213.fr8.t,1628702456.cds246.fr8.pr
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
from2.jpg
static-13333.kxcdn.com/4958/images/
5 KB
5 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/from2.jpg
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
510365a02218bce08dcd646d7b41a709c583b18cce23ce7428c9b0a80c844e15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000045e6de0-006113fa13-e447dfa-ams3c
x-edge-location
defr
x-cache
HIT
content-length
5029
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"01dc25b5c2ecbcd11d5a07efc437fcc3"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702420.dop232.fr8.t,1628702420.cds149.fr8.shn,1628702420.dop232.fr8.t,1628702420.cds270.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
from3.jpg
static-13333.kxcdn.com/4958/images/
4 KB
5 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/from3.jpg
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
888c1ceeb3168b20fcd76c17295f29aebf17c5e8b1bd68df67b44a892bf6120c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000045e25f8-006113fa13-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
4510
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ffd7f523339ad04795fcbd35729dccea"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop208.fr8.t,1628702456.cds109.fr8.shn,1628702456.dop208.fr8.t,1628702456.cds280.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
from4.jpg
static-13333.kxcdn.com/4958/images/
6 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/from4.jpg
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6146ca4b028179e11b9c4654b265666562e0634950bbcd08bcf42b40d23b60d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000045e2601-006113fa13-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
6232
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"530faa0690f478689bbb08bf368cbd2b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop202.fr8.t,1628702456.cds262.fr8.shn,1628702456.dop202.fr8.t,1628702456.cds017.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
tech1.png
static-13333.kxcdn.com/4958/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/tech1.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a12ff194c7e145e95687fe893730a8d612f6601c18e6632a979e05e0d29612e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000045e6e56-006113fa13-e447dfa-ams3c
x-edge-location
defr
x-cache
HIT
content-length
1667
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"90d2118764ad0b7109e40bf03aff5dd9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702422.dop232.fr8.t,1628702422.cds240.fr8.shn,1628702422.dop232.fr8.t,1628702422.cds053.fr8.c
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
tech2.png
static-13333.kxcdn.com/4958/images/
1 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/tech2.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
138625c584af3e131263c4b1aef67de10f91cfa15e6c4adea29bb77c0cf7b132
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx000000000000004693411-00611406d6-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
1075
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"41a2762db30b8d56c884f4391e5efd22"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop226.fr8.t,1628702456.cds275.fr8.shn,1628702456.dop226.fr8.t,1628702456.cds232.fr8.c
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
tech3.png
static-13333.kxcdn.com/4958/images/
1 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/tech3.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9ea50c14229028b5f31c5ee493dcbbe573ec01859399e5a80fa3103673dee44b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000046904de-00611406f8-e43311f-ams3c
x-edge-location
defr
x-cache
MISS
content-length
1151
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"02b7b6f46b94f57c1810eea5ac249a3b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop213.fr8.t,1628702456.cds279.fr8.shn,1628702456.dop213.fr8.t,1628702456.cds065.fr8.pr
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
step1.png
static-13333.kxcdn.com/4958/images/
1 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/step1.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0a089c3d3235921440350228132f2646587e3e4b5117ff8dcf39fd9f140d2c4e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000469346a-00611406d6-e457d23-ams3c
x-edge-location
defr
x-cache
MISS
content-length
1487
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e85c9a057ade2c3287e786604b38f9d1"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop202.fr8.t,1628702456.cds211.fr8.shn,1628702456.dop202.fr8.t,1628702456.cds150.fr8.c
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
step2.png
static-13333.kxcdn.com/4958/images/
1 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/step2.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d38c81c061cf58c152492e267c1bf5bcc6c29f621134b43f102c5238a27329e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000468c19f-00611406f8-e448f0c-ams3c
x-edge-location
defr
x-cache
MISS
content-length
1209
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"3b0e1a9c70486667dbe28554eb8285d7"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop232.fr8.t,1628702456.cds128.fr8.shn,1628702456.dop232.fr8.t,1628702456.cds054.fr8.pr
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
step3.png
static-13333.kxcdn.com/4958/images/
1 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/step3.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0574aff123157fae079e148e56262110474e112dc3aca9ca5aa7a64593f06035
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx00000000000000468c1a0-00611406f8-e448f0c-ams3c
x-edge-location
defr
x-cache
MISS
content-length
1363
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"68350e23beb824e61e9a5727d1ef295e"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop213.fr8.t,1628702456.cds217.fr8.shn,1628702456.dop213.fr8.t,1628702456.cds132.fr8.pr
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:56 GMT
en-1.mp4
static-13333.kxcdn.com/4958/media/
4 MB
0
Media
General
Full URL
https://static-13333.kxcdn.com/4958/media/en-1.mp4
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tchfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id
tx0000000000000045e6318-006113fa00-e447dfa-ams3c
x-edge-location
defr
x-cache
MISS
Content-Range
bytes 0-45577655/45577656
Content-Length
45577656
last-modified
Mon, 26 Jul 2021 16:59:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a33326706b4a6a37a206cc7ac995a9f8-9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-hw
1628702456.dop213.fr8.t,1628702456.cds246.fr8.shn,1628702456.dop213.fr8.t,1628702456.cds252.fr8.c
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:56 GMT
flags.png
tchfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tchfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tchfunnls.org
referer
https://tchfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1699
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:21 GMT
server
cloudflare
etag
"61113bc1-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvoa6nXX3U3RABdorTBQ325e%2B%2FkwXDFGpDaJd99A776YiDe5Sk0y8kucqsvofLoYLwCxIszQk%2B4IaUR6I6ekG3ckIv%2BX%2B29dWb1kbD4NyortYgkwkIFlrm1DW0bpa4pDkqFmdH1fOsHy8%2Fur"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3232e3ddad72d-FRA
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftchfunnls.org%2Fcode-v2%2F%3Fhitid%3Dw9ice5h00mfanhm9ifuh2q7u%26qze%3D3%26aff_sub%3DHD9%26aff_sub2%3DQAMG_DE_DAILY_DE-CUR-003%26aff_sub3%3D%26aff_sub4%3DQAMG%26tpsiteid%3D24232&f=1&r=0.9359585981740504
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tchfunnls.org
Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tchfunnls.org&u=D894450ECF394EF95C7A40FF7BC5E1D85&h=55d26f1ab715fae3c88c3aa3315d6c9e&t=false&r=0.13768400193621266
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:55 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:56 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
c477813a25a225a5760758c003d9b12918382d5ae164b80ebaab75559e7e2335

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:56 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
542 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
991737d7f6673a2421b8575399df060d34507420a9c158dd35e9c4d3134640bb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tchfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
618 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:56 GMT
Server
nginx/1.19.10
Etag
040fe1eb-dc8f-4f02-a85a-c32ac9fb3dc6
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:56 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:56 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:56 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:56 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:56 GMT
trackpush.min.js
s3.amazonaws.com/cdn.aimtell.com/trackpush/
46 KB
13 KB
Script
General
Full URL
https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.205.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
839741000c77d2606bc8b695ba0bb9cc4b8ef484f8b6babd649e6bef0d607f3e

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 21:49:58 GMT
Server
AmazonS3
x-amz-request-id
RCYQC2QXE67EK09P
ETag
"7b9b2666c275fd54fa2196529ed1929e"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13023
x-amz-id-2
17kzMZPAUcGmZKrc4Aw4scmi5uxMwFxx/MFdY5jSlLHjxX43+N8vwZlHp43Lhp+GsNCCs1FwbNs=
locate
tchfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tchfunnls.org/locate
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6ImRiTUpTYThoSFgwVkRHaEQ5WmdSdkE9PSIsInZhbHVlIjoiOVROcXJ2SjdFblpxRk1KQVE2eGZJSm9wcG1oRFZZY2xTUGswenpyd0puSWo2Ynh3ZDVYUHVBNTVHT1JTUjc3SiIsIm1hYyI6ImUzZGRhNTc1MDFiMWYyNDEwMjEwM2RmZmY3NTFhYzNlNGM2NDUwNzQwYmNlYjI2OWU1NmUxYzMzYjRjMzhkODkifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
XSRF-TOKEN=eyJpdiI6ImRiTUpTYThoSFgwVkRHaEQ5WmdSdkE9PSIsInZhbHVlIjoiOVROcXJ2SjdFblpxRk1KQVE2eGZJSm9wcG1oRFZZY2xTUGswenpyd0puSWo2Ynh3ZDVYUHVBNTVHT1JTUjc3SiIsIm1hYyI6ImUzZGRhNTc1MDFiMWYyNDEwMjEwM2RmZmY3NTFhYzNlNGM2NDUwNzQwYmNlYjI2OWU1NmUxYzMzYjRjMzhkODkifQ%3D%3D; c=eyJpdiI6IlFHOEZGMUkzRmg0NVFxTDJDdlRFUWc9PSIsInZhbHVlIjoiR0lGVHJSSUhhUHNrT2VuVkdhRWhOVkdydzFjMlZEMFNxVWhQcVdzWlVMd1FKUjFXTnVOc1ROUDNzekVlT1NTSSIsIm1hYyI6Ijk1MTg4MDQ0ZTc1YzExOWIwODFmZTQ1MmI3ZGRjMDM0Mzk3NTljYjUwMTgwMjMxN2ZmMzZhYTkwY2Y3Mzk2ZDYifQ%3D%3D; _vwo_uuid_v2=D894450ECF394EF95C7A40FF7BC5E1D85|55d26f1ab715fae3c88c3aa3315d6c9e
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q3hy5%2B%2FVf4EOeUJi%2BlOXMvrmd14%2FrmgmPVHvdOLc%2B1q2DmliJUGs62fL5IpXDU4m9dhE3R7FDHiXYdrxAdmgLEFxacjgbPwAwYil8gz%2F9hUnvb9pz7zCSDvQ4JtHaiQ1rxlDr76l%2BdzVYlO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlFiS1RZUzhyeGxpNWllazMxR3dhaFE9PSIsInZhbHVlIjoiRUJoRjBMUFRud2k4XC9mcThwM2E4NGxzN1V5OGNSVTgyN3lYeHFuOXd4UFRwWmJZWjhmbDdySWJPNk5wK0VFTHoiLCJtYWMiOiIyZTBhYzg1Mzk2YzlhZmIxYTRiMGM0OWMyYzZkMTJjNzBlNTE3NjE5ZmUzOGVkYTA5ZjU1YTJkNDEwNGZlMWZjIn0%3D; expires=Wed, 11-Aug-2021 19:20:56 GMT; Max-Age=7200; path=/ c=eyJpdiI6InMyM2JtVjNoSXF4S2tBR2pxZXhrbmc9PSIsInZhbHVlIjoiWE01NmxGeTNhZEJscjB4Mko0RVc3T3lReG45VXNocWJMSlwvVEgwZ3JEdGhlb0xZUXZjWkZlODFESEkxbUNxcHYiLCJtYWMiOiIzZjZiODQ1MTUxMGUwYmI3MjM3ZTgzMzZhZjAyODgxZjAyN2UzMTY5MDA2ZTIxZDIzMGZmMGU1YmUwMmYwNzI0In0%3D; expires=Wed, 11-Aug-2021 19:20:56 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3232eeef2d72d-FRA
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b191cb52e5cbb67b666e9c842dc953a6e6fc043582e37bbdc5d80896789d3de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51224
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:56 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
435
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
37
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
Bp3zPEih738ok3F_oMo8K8AyOarnvF9YPrYxFzBBN5uGR-DbPyGvjQ==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tchfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:56 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
538 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
videothumbnail-1.png
static-13333.kxcdn.com/4958/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/4958/images/videothumbnail-1.png
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tchfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/
0
538 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tchfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:56 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.6849156483925023&u=https%3A%2F%2Ftchfunnls.org%2Fcode-v2%2F%3Fhitid%3Dw9ice5h00mfanhm9ifuh2q7u%26qze%3D3%26aff_sub%3DHD9%26aff_sub2%3DQAMG_DE_DAILY_DE-CUR-003%26aff_sub3%3D%26aff_sub4%3DQAMG%26tpsiteid%3D24232
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:55 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.48154283357091887
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=632758745&t=pageview&_s=1&dl=https%3A%2F%2Ftchfunnls.org%2Fcode-v2%2F%3Fhitid%3Dw9ice5h00mfanhm9ifuh2q7u%26qze%3D3%26aff_sub%3DHD9%26aff_sub2%3DQAMG_DE_DAILY_DE-CUR-003%26aff_sub3%3D%26aff_sub4%3DQAMG%26tpsiteid%3D24232&ul=en-us&de=UTF-8&dt=Bitcoin%20Code&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=750675326&gjid=1360414896&cid=1903197078.1628702456&tid=UA-192660002-1&_gid=941551702.1628702456&_r=1&gtm=2wg891MSK8GMG&z=1758142817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tchfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=632758745&sr=1600x1200&ul=en-us&cid=1903197078.1628702456&_s=1&dl=https%3A%2F%2Ftchfunnls.org%2Fcode-v2%2F%3Fhitid%3Dw9ice5h00mfanhm9ifuh2q7u%26qze%3D3%26aff_sub%3DHD9%26aff_sub2%3DQAMG_DE_DAILY_DE-CUR-003%26aff_sub3%3D%26aff_sub4%3DQAMG%26tpsiteid%3D24232&dt=Bitcoin%20Code&sid=1628702456&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tchfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tchfunnls.org
Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
collect
stats.g.doubleclick.net/j/
4 B
86 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-192660002-1&cid=1903197078.1628702456&jid=750675326&gjid=1360414896&_gid=941551702.1628702456&_u=YEBAAEAAAAAAAC~&z=1068568964
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 11 Aug 2021 17:20:56 GMT
content-type
text/plain
access-control-allow-origin
https://tchfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=1903197078.1628702456&jid=750675326&_u=YEBAAEAAAAAAAC~&z=1090665567
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=1903197078.1628702456&jid=750675326&_u=YEBAAEAAAAAAAC~&z=1090665567
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
tchfunnls.org/
272 B
1 KB
XHR
General
Full URL
https://tchfunnls.org/event?hitid=w9ice5h00mfanhm9ifuh2q7u
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:da2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bd608ee2a9d4b953634b7a8d652231152773b6721b6af1a01fb167e9b2fc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tchfunnls.org
x-xsrf-token
eyJpdiI6IlFiS1RZUzhyeGxpNWllazMxR3dhaFE9PSIsInZhbHVlIjoiRUJoRjBMUFRud2k4XC9mcThwM2E4NGxzN1V5OGNSVTgyN3lYeHFuOXd4UFRwWmJZWjhmbDdySWJPNk5wK0VFTHoiLCJtYWMiOiIyZTBhYzg1Mzk2YzlhZmIxYTRiMGM0OWMyYzZkMTJjNzBlNTE3NjE5ZmUzOGVkYTA5ZjU1YTJkNDEwNGZlMWZjIn0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D894450ECF394EF95C7A40FF7BC5E1D85|55d26f1ab715fae3c88c3aa3315d6c9e; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _gid=GA1.2.941551702.1628702456; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702456.1.0.1628702456.0; _ga=GA1.1.1903197078.1628702456; XSRF-TOKEN=eyJpdiI6IlFiS1RZUzhyeGxpNWllazMxR3dhaFE9PSIsInZhbHVlIjoiRUJoRjBMUFRud2k4XC9mcThwM2E4NGxzN1V5OGNSVTgyN3lYeHFuOXd4UFRwWmJZWjhmbDdySWJPNk5wK0VFTHoiLCJtYWMiOiIyZTBhYzg1Mzk2YzlhZmIxYTRiMGM0OWMyYzZkMTJjNzBlNTE3NjE5ZmUzOGVkYTA5ZjU1YTJkNDEwNGZlMWZjIn0%3D; c=eyJpdiI6InMyM2JtVjNoSXF4S2tBR2pxZXhrbmc9PSIsInZhbHVlIjoiWE01NmxGeTNhZEJscjB4Mko0RVc3T3lReG45VXNocWJMSlwvVEgwZ3JEdGhlb0xZUXZjWkZlODFESEkxbUNxcHYiLCJtYWMiOiIzZjZiODQ1MTUxMGUwYmI3MjM3ZTgzMzZhZjAyODgxZjAyN2UzMTY5MDA2ZTIxZDIzMGZmMGU1YmUwMmYwNzI0In0%3D
content-length
188
:path
/event?hitid=w9ice5h00mfanhm9ifuh2q7u
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tchfunnls.org
referer
https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNM41iyWwSsIgklHfS6ea4Ydnrmkbg%2B4ABprWKNcjR9Pfho69%2FizodU%2BEsUPMJuT7K83%2F5oimAJ3x4Yw0OZBZhtEhVpvYMYlcoqA15gkFx%2FXuSK9LdFoKXmO0LXAiFwm6%2BTGKjgn7FCJNTmV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tchfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IktlT2JNMHdjY2hOajY4ZHVGMkJ5TGc9PSIsInZhbHVlIjoiYnJHMTl0MmxoeVJQWExhMVwvQ3VpRGtNKzBOcUV2XC9SUEZxUzRvMUxyV3VJWit2OTBOTXZIMTVoQTNQYmE2Q2FXIiwibWFjIjoiMzRmYWE4OWQ5Mzk2YzUyMzdkNjNkODhmODM1NzhkNjlmMDM2NThiNWU2NmUzNDVhNmM1OGRiNzc5YmVhYWJkYyJ9; expires=Wed, 11-Aug-2021 19:20:56 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkNQOXlickZMUkt2V3g4bzU2R1RsbFE9PSIsInZhbHVlIjoiejl2OWFcL0ZUY0UwNEkxZ0lacWZCVnBXSVM5cHgxd2M0TWtUSVd1VHBoZzArVFM4K05xU3BVS1BYWTBEVVZNenYiLCJtYWMiOiIwMzJhMWU4Y2YxMjNhM2JjN2UxN2I5Mjk3ODkzNGJlNjUyMjUwMzIxOGU3MGNmZTVkMTlkYzQ0MjAzNmNlYTE3In0%3D; expires=Wed, 11-Aug-2021 19:20:56 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3232fd8b3d72d-FRA
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
71 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tchfunnls.org
Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:50:56 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529371
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
RC4jqLKuxyvQZjEfkOLJvqx670taORqfaop9GsbYHEuFD_zIBCFJKA==
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 4FFA
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tchfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
X0A8ja7CZSbaFDLOBE_KUvbOfEsXNqOLCGxlyX6KhDEblSAoy24MSQ==
age
2135066
behaviour
planet2.digital/v1/
0
0
Image
General
Full URL
https://planet2.digital/v1/behaviour?type=CLICKER&userId=&service=QAMG
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

add
tagdataxrt.com/log/
12 B
598 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tchfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:56 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/
31 KB
9 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451bbf007be7ae39b4ab05d1d90ebd8cbffa423ae179787cd6ae598f13038635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tchfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjRsQWVpT3RGNFZzcGlaQ2IzZ0g2U3c9PSIsInZhbHVlIjoicnF6RWIxTUtxQ2RwdU40eXVyY1pXbTc3TXM3SVhWd3RGdzJtbVAyanIzTTJYa2xDZERqYlFZSUdjSnRTY2Y0ciIsIm1hYyI6IjA0ODQ5Mjk0YzAzZjk1MTM1YzU4MDRjNmQzYWMyYmEwNTAyODYyYTlmMzI2YTc1M2ZhMDYyZDMyODE4YTE5YjkifQ%3D%3D; expires=Wed, 11-Aug-2021 19:20:57 GMT; Max-Age=7200; path=/ c=eyJpdiI6InhPZFgzNjBaYUhQSHUwZFFrS3lNOGc9PSIsInZhbHVlIjoianZUREttYlljMW5ENmNDZXFoMFVTN3NweU9tZm1odkt3Sm1xcEJ0YUhMYUQxbnZWVDZoVTYwQ3RGQ1FHZDdiQyIsIm1hYyI6IjI1M2Y3YWExYjgxMDFiZDljZDI1ZmI3YmRhZjlhMjk2NWEzMDViMGI2NzQ5NGJkYjIxNzFlMWMxODk5NGI3OWEifQ%3D%3D; expires=Wed, 11-Aug-2021 19:20:57 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Ble%2FlOQOg627yJF9NEgwIxEEMd4nv%2F3ZpWZTAGCXaou2XP2U4m4%2BCYkADBKScmEC8KeHg%2BBG7YOrFs11umBI0DC2GBFucpHPeEvxSCP7hKzKxQ%2BMedfTp5DdQCJABOPe5mLEJVndOZGhEc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d323326c4c2b89-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
423 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tchfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:20:56 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tchfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IjRsQWVpT3RGNFZzcGlaQ2IzZ0g2U3c9PSIsInZhbHVlIjoicnF6RWIxTUtxQ2RwdU40eXVyY1pXbTc3TXM3SVhWd3RGdzJtbVAyanIzTTJYa2xDZERqYlFZSUdjSnRTY2Y0ciIsIm1hYyI6IjA0ODQ5Mjk0YzAzZjk1MTM1YzU4MDRjNmQzYWMyYmEwNTAyODYyYTlmMzI2YTc1M2ZhMDYyZDMyODE4YTE5YjkifQ%3D%3D; c=eyJpdiI6InhPZFgzNjBaYUhQSHUwZFFrS3lNOGc9PSIsInZhbHVlIjoianZUREttYlljMW5ENmNDZXFoMFVTN3NweU9tZm1odkt3Sm1xcEJ0YUhMYUQxbnZWVDZoVTYwQ3RGQ1FHZDdiQyIsIm1hYyI6IjI1M2Y3YWExYjgxMDFiZDljZDI1ZmI3YmRhZjlhMjk2NWEzMDViMGI2NzQ5NGJkYjIxNzFlMWMxODk5NGI3OWEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3904
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJNuEtav3mfz6AqS%2B5agMcYB1ayT%2BfRaso33Wdi12QLekDNeVFyEWN8vOYIjnfDt8CpYJ%2FHImiLX6dswDMsA17I540tOMTSSdYXGEwaXHpZrz1SHlwVV1tWmm2QUcKuxlXYWEafUqTVN7Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d32334dee01f15-FRA
flow.css
tgfunnls.org/css/
385 B
767 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IjRsQWVpT3RGNFZzcGlaQ2IzZ0g2U3c9PSIsInZhbHVlIjoicnF6RWIxTUtxQ2RwdU40eXVyY1pXbTc3TXM3SVhWd3RGdzJtbVAyanIzTTJYa2xDZERqYlFZSUdjSnRTY2Y0ciIsIm1hYyI6IjA0ODQ5Mjk0YzAzZjk1MTM1YzU4MDRjNmQzYWMyYmEwNTAyODYyYTlmMzI2YTc1M2ZhMDYyZDMyODE4YTE5YjkifQ%3D%3D; c=eyJpdiI6InhPZFgzNjBaYUhQSHUwZFFrS3lNOGc9PSIsInZhbHVlIjoianZUREttYlljMW5ENmNDZXFoMFVTN3NweU9tZm1odkt3Sm1xcEJ0YUhMYUQxbnZWVDZoVTYwQ3RGQ1FHZDdiQyIsIm1hYyI6IjI1M2Y3YWExYjgxMDFiZDljZDI1ZmI3YmRhZjlhMjk2NWEzMDViMGI2NzQ5NGJkYjIxNzFlMWMxODk5NGI3OWEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3904
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksEmjISvSVuBac9vTiXWHvPMyC6H7gS91XZx5VINnYdriyJRf19iJHQ7ToTpCPZMBDhzb5%2FKIXF%2BBKVmnKxiqS3dW5LXeUD4HH6pEuNWKwgv%2BX5DtEF9Lp3yZ9X6zrf07cNTP%2B1Pz%2BDp%2FR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d32334dee21f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:57 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IjRsQWVpT3RGNFZzcGlaQ2IzZ0g2U3c9PSIsInZhbHVlIjoicnF6RWIxTUtxQ2RwdU40eXVyY1pXbTc3TXM3SVhWd3RGdzJtbVAyanIzTTJYa2xDZERqYlFZSUdjSnRTY2Y0ciIsIm1hYyI6IjA0ODQ5Mjk0YzAzZjk1MTM1YzU4MDRjNmQzYWMyYmEwNTAyODYyYTlmMzI2YTc1M2ZhMDYyZDMyODE4YTE5YjkifQ%3D%3D; c=eyJpdiI6InhPZFgzNjBaYUhQSHUwZFFrS3lNOGc9PSIsInZhbHVlIjoianZUREttYlljMW5ENmNDZXFoMFVTN3NweU9tZm1odkt3Sm1xcEJ0YUhMYUQxbnZWVDZoVTYwQ3RGQ1FHZDdiQyIsIm1hYyI6IjI1M2Y3YWExYjgxMDFiZDljZDI1ZmI3YmRhZjlhMjk2NWEzMDViMGI2NzQ5NGJkYjIxNzFlMWMxODk5NGI3OWEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1147
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqUQTbmYrDgF14BQPmfU0qijumGvi4Zvif3PDsEl5OlNrcPNURuu5PSBtMLKWnWpfe2D6rXFjxDz5Qg6qOucCfyaHwFIoAyq1NuHcfVv6fSFC3BeZJ1sImoCxmqwcQ%2BbnOby%2FYU5LzSnzzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3233588621f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
XSRF-TOKEN=[encoded value removed]; c=[encoded value removed]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3893
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WquK%2FOylU0EHGWZFNzihu9HKp0GgybUV2KtgBFYzsq20g7kt3nSQmW2uGMOUvSUklRJ%2FUI5SPVhEw09voXY2KLRZ0FVg7hjoUrH8NTVcEjIub9G6laauvHsfUsPame2NUHp0sImzvcvdhP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d32335886b1f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
XSRF-TOKEN=[encoded value removed]; c=[encoded value removed]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnZdEHvFCj5RdvwGgTtkWSMdHCDdQ7wy3ERAqT8CSZw32vG7XXFtlloVTNJYx57xDBhVx8ILxCvH4bgsrHiUVb2In2GJpUNYFoJOTJnlR44oFunDlv1IWdt%2FZkZuqDuHGPdLTCH1F3KVUC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32334ff231f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:20:57 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
XSRF-TOKEN=[encoded value removed]; c=[encoded value removed]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3903
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6iEL3JLW6pGJoCZCGRs9BcHI7jL2TBXYCHRi477vnVV%2FRbGcpWicXSdnoqBc4xgoEt187AaoxKOJUQmMm%2Fm%2FrBBFldQIof3EFGe7bKpv2C1VlUFNn6WfARg91A%2F%2BXyjbjcwFAvxT8XTK00%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32334ff261f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
XSRF-TOKEN=[encoded value removed]; c=[encoded value removed]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OizqDuPPzuDn1I7om9z1dAvRyPch5y4UyWLTPqU4agJiEOT8TK7aOM%2B06CqyWex0BhCWzcQFjFSG4gc3Hv83ZY4314yjRgj7G8XcB9H0nmEuUx2wrhz1LJMgsPCcm8RfHyUTT4XBunMesOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d323352f811f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:57 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:57 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:57 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
722
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=582%2BM9GXCNRd3QHxjSdn1fbvOTMxEjzAr5JH0YK3S8%2BpAMej9uvOM%2FFGsfM14irzbVCI6pEmswO7BEki74yCIXCF8vUJyFWfpjCIgkQsgiO6jicwR1dlvpr0yxHyl%2BMe3mKZPfp%2BuEY38uwvpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d323359a8f1f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed95f3797361e43a39871b0e447c287ea998e3b7abdfbae6e58ed0cbbb1ac115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42028
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:20:57 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.27875592501304025
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
82f132dd973f5b46025d65c86cf55648143eb959a70eca166fc027186d1cedca

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:20:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:57 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
768 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:20:57 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
333fb1628549c341eb44b5c1cc46de597e68508c0987a8f69288554d3e9089c8

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:57 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0626cca3d4602e220b4a997e265f5cb15f4d03e10c075a5ff4734e6eee736859
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:57 GMT
Server
nginx/1.19.10
Etag
4b2d2179-c271-49ea-ae0a-64373772154c
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:57 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:57 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:57 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:57 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:57 GMT
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.27875592501304025
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.16113753845631007
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:57 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe8a701e5552cb8f996388184dc59e2c3f04f37581d21fcfc1c4f50ddf04d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51222
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:57 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
436
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
38
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
HW508JlbpJICXRPn1l1OXSbyDliQajZ0i2p-IfIhL9x0F4XyaMobug==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:57 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1377099591&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftchfunnls.org%2F&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1737258206&gjid=1837921199&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&_r=1&gtm=2wg891MSK8GMG&z=1781805580
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-192660002-1&cid=799450672.1628702457&jid=1737258206&gjid=1837921199&_gid=1581743151.1628702457&_u=YEBAAEAAAAAAAC~&z=976245088
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 11 Aug 2021 17:20:57 GMT
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.7392610999152638&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.6176294655735428
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:56 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=1377099591&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftchfunnls.org%2F&dt=Daily%20Profit&sid=1628702457&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
P63mkKnlIBgicqHVZv4hh3j6h9KOvHH1cxstOKeCNcaAsB648DyN9g==
de-1.mp4
static-13333.kxcdn.com/5275/media/
128 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=786432-

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 786432-124690623/124690624
Content-Length
123904192
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:57 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=799450672.1628702457&jid=1737258206&_u=YEBAAEAAAAAAAC~&z=759534326
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=799450672.1628702457&jid=1737258206&_u=YEBAAEAAAAAAAC~&z=759534326
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:50:57 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=917504-

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 917504-124690623/124690624
Content-Length
123773120
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:57 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn4Obqn0wMaKr0xnSLqIMCMiYkDeNq%2F5ihUCb76CA4%2Fp%2BdcCXmF1YbfceuyrJOiF%2FDD2k%2BxIzL8s7byrIfBEi0D5P0dzw9Iiu%2BIBF54EzFrFlzk5Z5wE5oTnLQnlzeIM0r5uWySldxwIGjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d323382da81f15-FRA
locate
tgfunnls.org/
141 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
accept-language
en-US
sec-fetch-dest
empty
cookie
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7U58IC6SYo28q7IcwrVFg7%2BP3H2Hc%2BqqE1UIlToXp%2BdQonp3UCvs8WbpVq0X36g2e5qFuFQlwTPt%2BreBLOI3tIz9OOKlOO%2BX2oc13jZnuUWsxSyprj5825a33LhWFY1NYTB4ieweJcMdg%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
cf-ray
67d323383db21f15-FRA
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:57 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
ba0c2c96-d910-4874-a564-63ce6ad25f47
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/ba0c2c96-d910-4874-a564-63ce6ad25f47
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:57 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 80D3
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
n9fesB6zW0s78McKbaO-60BR_k6rAKfBP0PmxiLNEUW6n8qX4RiKJA==
age
2135067
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268ff46bc6b396330ab19df9759ac0c9312c81992bc8ab6e5c59880828f41c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlNGa2NuVVozMFZmV1Z1cll0cjdLOGc9PSIsInZhbHVlIjoia0FPZDcwWVJCZnFhVXIybXBOXC9RSzZwOVNWNHJUXC9HbldsRTNLOWFUZWQxK1pnR3dUa0pYXC9GK0g2d1k5TDJyXC8iLCJtYWMiOiJkN2QxNGU3Y2E5ZDFiNGQ3YmM5ZDk0MmQ3YmVhZjhmMTA5Mjg1YzRjNGU3NGVlZTQyN2ZiZDNjMzNlZjVkNGZiIn0%3D; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6IitEVHZPa25yMzduV2x0a1NQMU1OdUE9PSIsInZhbHVlIjoiMDFjV2d1QjBjSDA0SnQzVmFtS3pieDNWdTN5TzREc0Y3NkNlOUdqVnErb2JmSFVJaHpPbmxNeU41SFJCVnpIViIsIm1hYyI6IjExZTBjN2I0MTFjNmRhYTQ2MjExNjZkNmM5YjA5YzZjOTc2MGEwM2UwZjZkZDFiM2ZjNGEzMjM5OWMwMjU4Y2UifQ%3D%3D; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BlGDzPSNECCH47Ah7Ds4SsXIlE16ekA4%2F3A%2BZNC6dpklPj%2BKtn8OzMd0zGRYJ8ML25fWDjQNKmN83EF3pOxI38LQUufUqzB1ZM4VOotEszGsh54Nydp1z2gfqqlihvOWUU%2F230%2BtXFE1J4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d32338cf171f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:20:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
event
tgfunnls.org/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3905
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqZMgHbVCKPugCBUoPSi%2FWDtCrvu6nIflBy1nXIBzX57fuQfD9hPVY17aaF9v1%2BLelhuU62SvmnAdidfcimFjy6SlzUZaAE%2BgU1ST%2F24k1aA%2BA%2F7BQERLd5ceZDiNuimh%2BrRZqRNuxCt%2Fd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3233afb401f15-FRA
flow.css
tgfunnls.org/css/
385 B
757 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3905
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxbLkkF66ci9WeOFK1Idfc0LPWyRAtmcLOBS55zCPmrjCyLThy1e5HZ99zu08DoXDdbHQ3rIdruUAVaPvpBnpDxQsuNnpOoxYTw9Uk6auoxHjQHNJDjT4RSgChpMk%2BGFYly8e1Ab8CisbbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3233afb411f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:58 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFdSVYTt51HyO9RJfQtig1H9%2FZHRcj4A5ozcOcHEza4HUoGu7wHGtjSY%2Bibe4V0u91Ur0AEo1wQ52eSB%2Bp3%2B%2FOTAgdJ%2BMA5vp4d2k0koPrmMx94KNRtCP4MBCXYFgxEkn2nfpVq6087vsKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3233b3bb31f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.0.1628702457.0; _ga=GA1.1.799450672.1628702457; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IlNGa2NuVVozMFZmV1Z1cll0cjdLOGc9PSIsInZhbHVlIjoia0FPZDcwWVJCZnFhVXIybXBOXC9RSzZwOVNWNHJUXC9HbldsRTNLOWFUZWQxK1pnR3dUa0pYXC9GK0g2d1k5TDJyXC8iLCJtYWMiOiJkN2QxNGU3Y2E5ZDFiNGQ3YmM5ZDk0MmQ3YmVhZjhmMTA5Mjg1YzRjNGU3NGVlZTQyN2ZiZDNjMzNlZjVkNGZiIn0%3D; c=eyJpdiI6IitEVHZPa25yMzduV2x0a1NQMU1OdUE9PSIsInZhbHVlIjoiMDFjV2d1QjBjSDA0SnQzVmFtS3pieDNWdTN5TzREc0Y3NkNlOUdqVnErb2JmSFVJaHpPbmxNeU41SFJCVnpIViIsIm1hYyI6IjExZTBjN2I0MTFjNmRhYTQ2MjExNjZkNmM5YjA5YzZjOTc2MGEwM2UwZjZkZDFiM2ZjNGEzMjM5OWMwMjU4Y2UifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3894
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czVh6frhnxw7YDnctvlaP3stejW7gBpfL3g%2BU139d32U53E%2Fjn6Tr%2BNFHVYkm20WOAzf6iytDfQn3qR9oQcKNvswrQ21ioizGQJXOS11JLEYEUirJ%2BKsLS3GBi6ivdETdB3CMTLPEB4%2FJKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d3233b3bb81f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyuMqoBzEQcoi3ZOIJfx%2BD%2BetiiWCJxEGAYs8rlVggqddED5yuKh%2FGa6hoi03iEbzM2THU9QKU7ifufklVnMga1n6KWA%2BRi9U3jQGax2%2BQSQaHJPjzW83w899ekA9LPJu45IwzrAdFcnj0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3233b1b7a1f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:20:58 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3904
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiI9iYlFk77dDb7JN9bRnJN1vUYusPMmiXx8gf74TXRAAIswDSxGuX1CuL8dqDf8jM2slT1zPlAkPIj%2B2P5TjLfx4t9v4bRPsyfj1ZTNYa1kM0HnDynrwIAzCyZ%2F8EPN1NDOaSWP3v%2FqbSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3233b2ba51f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBLYhd4oEYMTTft71OfXSuWJ0yJq2693oRpzsN%2FG4dKbZExy0P6wWmO97qNHLdzg8LCCYBLU2jY0gsGQl%2BXjWfkW1kv%2FdPmKfL%2B5S61FGlEvCoL1EAY4nRbLb%2FSoJmGvOsF7ms%2BZsn80LWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3233b3bb01f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:58 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:58 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:58 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
723
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pK%2FKmSc6n%2B2oTdC8NcvpzLKKSJaTF5HtVA%2BkPBn4aKy8Z0nRwOKAXNjgGjc23CsPjvzydeWWDYaRdlBEdAEoCgwB7iKN%2BnqqzS9aPmYaaun0vqbucc3cFl2q3BQbCib%2BPnQfb66SwcQCWa1mZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3233b3c1f1f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d557da70d84a705a3f6ea1e66d5ab3d28774e2deed68caa5ea617d84a97d73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:20:58 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.6140965526500193
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
db25569ca846700147c343492b9854e77a3258e969f350aa447a710dcc745555

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:20:57 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:58 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:20:58 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
124610b36fb6c615cc2d82dbaa0a4e8b5d3d68a8dcf78505807a56dafd710240

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:58 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
65b300b605683898677255e3279e671b81da8615d95413950cd6f5461bd4faa2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:58 GMT
Server
nginx/1.19.10
Etag
89ea374e-26f5-4908-bf18-9fbea7dd694a
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:58 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:58 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:58 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:58 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:58 GMT
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.6140965526500193
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.11329928748412277
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:57 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IlNGa2NuVVozMFZmV1Z1cll0cjdLOGc9PSIsInZhbHVlIjoia0FPZDcwWVJCZnFhVXIybXBOXC9RSzZwOVNWNHJUXC9HbldsRTNLOWFUZWQxK1pnR3dUa0pYXC9GK0g2d1k5TDJyXC8iLCJtYWMiOiJkN2QxNGU3Y2E5ZDFiNGQ3YmM5ZDk0MmQ3YmVhZjhmMTA5Mjg1YzRjNGU3NGVlZTQyN2ZiZDNjMzNlZjVkNGZiIn0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.0.1628702457.0; _ga=GA1.1.799450672.1628702457; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IlNGa2NuVVozMFZmV1Z1cll0cjdLOGc9PSIsInZhbHVlIjoia0FPZDcwWVJCZnFhVXIybXBOXC9RSzZwOVNWNHJUXC9HbldsRTNLOWFUZWQxK1pnR3dUa0pYXC9GK0g2d1k5TDJyXC8iLCJtYWMiOiJkN2QxNGU3Y2E5ZDFiNGQ3YmM5ZDk0MmQ3YmVhZjhmMTA5Mjg1YzRjNGU3NGVlZTQyN2ZiZDNjMzNlZjVkNGZiIn0%3D; c=eyJpdiI6IitEVHZPa25yMzduV2x0a1NQMU1OdUE9PSIsInZhbHVlIjoiMDFjV2d1QjBjSDA0SnQzVmFtS3pieDNWdTN5TzREc0Y3NkNlOUdqVnErb2JmSFVJaHpPbmxNeU41SFJCVnpIViIsIm1hYyI6IjExZTBjN2I0MTFjNmRhYTQ2MjExNjZkNmM5YjA5YzZjOTc2MGEwM2UwZjZkZDFiM2ZjNGEzMjM5OWMwMjU4Y2UifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdaN6Mxh%2FY%2Fzq7IzmsajHzkOHrEXQowAVTssi2p%2FmJchgsNnrU6oos3%2B9rohWasPcPJ7tGVQscAJmCQvbsOHggokGF4l1pso7Y7ujNATR3SQLHpF%2BMMQwapOY6BqgA6pBBPdspWh7VxMobA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImdJajFDXC9jc1hcL3ZqdGM2SEozaGQ3Zz09IiwidmFsdWUiOiJRK2JYKzRWRXczdTZ5WXRTZXI0cndRWXNIeU5lQVJCMFNJZFhDKzhcL0pvT0I3dWs3Q3U4YlZyVFFISVRcL0dkRWoiLCJtYWMiOiJiMTBkMjZhMzg3MDhhYWQ5ZjVmOGFjMTAyMWNkYmM2NDFhNjhkOWU5MDMwMDhjZTAyNTc5N2Y5ODAxZTVkZjM2In0%3D; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6InZoczdtcnRzY3BsTHZqSWhlYjY3MWc9PSIsInZhbHVlIjoiWSsybkJuV0lNN1wvYjZvMzN4ak83Zmw0eXpSK0JlaW8zaFVJMzQzV1E1WWs1R3dlVUQ3SysrdzBJNjlxWCt3aVoiLCJtYWMiOiJlY2JlNDJkMjI3Yjc5OTc4N2EwMzA0YWQ0ZDU1NzA3ZDJhOGU1NTNmMDQwZjI2MjU3ZDYzY2ZkZjg5YjBhMGNkIn0%3D; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3233bed191f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.0.1628702457.0; _ga=GA1.1.799450672.1628702457; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IlNGa2NuVVozMFZmV1Z1cll0cjdLOGc9PSIsInZhbHVlIjoia0FPZDcwWVJCZnFhVXIybXBOXC9RSzZwOVNWNHJUXC9HbldsRTNLOWFUZWQxK1pnR3dUa0pYXC9GK0g2d1k5TDJyXC8iLCJtYWMiOiJkN2QxNGU3Y2E5ZDFiNGQ3YmM5ZDk0MmQ3YmVhZjhmMTA5Mjg1YzRjNGU3NGVlZTQyN2ZiZDNjMzNlZjVkNGZiIn0%3D; c=eyJpdiI6IitEVHZPa25yMzduV2x0a1NQMU1OdUE9PSIsInZhbHVlIjoiMDFjV2d1QjBjSDA0SnQzVmFtS3pieDNWdTN5TzREc0Y3NkNlOUdqVnErb2JmSFVJaHpPbmxNeU41SFJCVnpIViIsIm1hYyI6IjExZTBjN2I0MTFjNmRhYTQ2MjExNjZkNmM5YjA5YzZjOTc2MGEwM2UwZjZkZDFiM2ZjNGEzMjM5OWMwMjU4Y2UifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
870
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE9QJdJjzdu0CBxd05DkTvklKzMijzinz%2B3WAAiNE5AFpmR5al1euoDrUUxx8cMz01qIuiuz65lhseLYeMozuDGAQMTN%2FIxphesJQooD6w5OYoeAf2c2zBZYJ%2FJ5sshXkhDN%2BIOdju4RVSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3233bed1a1f15-FRA
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b191cb52e5cbb67b666e9c842dc953a6e6fc043582e37bbdc5d80896789d3de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51224
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:58 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
437
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
39
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
EdPhbKsKvhRTrnoVHQT5D0-0YOftd9vciYSykERczQYi8Qy3oNnQig==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
8cac9bd1-4d87-4998-913f-7f7400ad0a05
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/8cac9bd1-4d87-4998-913f-7f7400ad0a05
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.9178588682700031&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.7857520341830413
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=468461844&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&gtm=2wg891MSK8GMG&z=897928332
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63558
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529373
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
E0kitAoOBh4wfzNTSKxEsh35w7CjdYMeLHjZC_RYGkZJep_GXohCXQ==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:57 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:50:58 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 634A
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Fl9LdKrfQKOVbvPNuyHe4f_nUoOAjiERk8i1uUzbd7ZaCEHuUeOdCA==
age
2135068
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHC0THQkHe6XEbnWljUKvJP4iDw7Q9h9L6uxz%2FqmCPnX6yAATshsWabJvBXAx%2Bxt03T4wXYpr1FDgL0fquAp%2FS701dUsZhFzEKU59G7s1zwKF4G7HyaopAGI6HmrjuW7OMbg5V%2BacnRm1yQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImtXYUFuajNOWUVvRjlwMUxLWVB6a0E9PSIsInZhbHVlIjoiRWVKQ3VoNWFhTjFIdElyM3VcL0RHMDB6REViYm9VcU1ZR3F1RVpUNzBpNVlaZ0JNUDNEcmk0Y0RoZ29RaHF6dFwvIiwibWFjIjoiMjRmN2IyNGFmMDZjYjM2MTU1NDY5OTYyOWNmZGQ5N2IwZGY5ZDMzYjE5ODhiZDdkYTNjMDE3OGNmNjMyZWQwYSJ9; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6Imd0ckRpb2d2KzBROHVVZ3d1QzlzbVE9PSIsInZhbHVlIjoid1pub0RtczluemRQcGkrbGVMZlwvR25wM1ppUWFTNzlJTDdJdTRVUEtYN2prbVhZZTZWcXE0XC9XM0lBSTE2UVRFIiwibWFjIjoiZjE4MGM4YmVmNDQ3NTc1MmI3YjllY2NlNDUzMmMxYTgxZjBlYjJmMWI0ZjRhMjJkZTI0MTM1Y2QwMGYzYTI0OCJ9; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3233d68021f15-FRA
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:20:58 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/
31 KB
9 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1efdd674288594ded46efcf602ba9ed1080080e98ec0def8974f495b546cc7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im5cL3RkOVIrNDZ0akF4eGF3aUZBTjh3PT0iLCJ2YWx1ZSI6InB2WFRWQ2U2TjlvY2FZY09hWjU4YnJMXC9DWHE3ZFwvSmV3SHdvWVBGUDVFbXl1cm85empYVnVXNytZWTdYXC9IbHQiLCJtYWMiOiJjNWRhMGU5OWNiYTZmNGI1Nzk2OWI0MzdlMzZjZjczYmQyMGE2MTFiMzJjMTRhNzFmODc3ZjYzMzFkOWM4YzVmIn0%3D; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ikp0YzRyY3dIY0ZqZHRKWG5zVjRNU3c9PSIsInZhbHVlIjoiQ0tjVXdYMk5Za2ZFUnBpM3liQU1RTGpiWU4wUE5nbG1SU3JnSStZTTBiTFFVbllCVE9OemRSd25wajVjOUFQOCIsIm1hYyI6ImM3ODkxZmNiNjIzNDM1N2NhNzk1MTJiMDMwNWM5ODY4MjBmZWQ4MGUyNDE4YjExOTJhMTA3ZGYwNjRiNWUwMDkifQ%3D%3D; expires=Wed, 11-Aug-2021 19:20:58 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tbrqOGRx%2FjWHPWbkvfHD%2BK5HPDO%2B4kBMvTmWzjDZ80XGz%2F0ceyVzb2X5CwR6GnGj7YETyd8VX1yBhzKKdYsaxu6vn4PxtYjWglm3dl01VAyFfj5WD%2BT20pHBHVpO5FvThGa%2F8KDa8lKaio%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d3233efab11f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3906
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KNRjxiokJxh2HdZjURjG3xcH2y5TaBxtW%2BJ3F2L5kR8x8jVvJ1Xyml3uBf7YzQNY4Wg3xoREuPlMRd%2FUcQct72lNfn43pbTyuKpCuDLWdp6Kj%2B36x9GPfI3vBCaJG%2ByoDhM6UVwthQvOAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d32340bdfd1f15-FRA
flow.css
tgfunnls.org/css/
385 B
758 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3906
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HADhKsZDf6yToL4Tcxks4sqXhWElkl14EWtRPHAN6FKo1QR84LCKuScsQ%2FNXbDQY%2BCgyAMqQ3Ku7lm7DuBoQSgtggb59JcFtSEwhbxXwYlfnd2fNCk5nlxliKzlxU9hH1qj4djf0KFHtg1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d32340bdff1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:58 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1149
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gHfsjW8G0XDRxt8ijYhllt4SV%2F6F2I3AAH1kLbAWtOHfszEZm48NiJgB0eybVeZENR9pOnc9N6Vtmphl6E%2FQyyRiVUGQCxXbe4A4lDeMR8V1Fy%2BCrXwszjTJ%2F2Mp740xG9rdHjAMFmJ7Dg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32340fe6d1f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3895
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vh%2FoGLJDLP8qeJo%2F9ByPdwXZAMp4Hkg%2BKkMdzzxzeOFIM7acZVXjGypvO8qTzh9cqclGGkoeHsevnJQaK9HCd3X%2FxLb%2FLh7CCe25Bkcui9%2Fb9iYIrJbQQ6NpSeBoe7ivOfSQHTEXbZqFzuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d32340fe721f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHhSiLzH15SCDmvcynEusimjB7mdJXnB4%2Bwh8FT%2FeCMHmeKyASzEJfXiemWcZBrz%2BY4Uiixzo%2FbRcPp4QxpaRqK%2FOjGBo11JeCT%2BVWt47oui9unh%2Fv2uc1tBIKzEmhT3dsGrWop9VTe0T0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32340ce221f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:20:59 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3905
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Edk6U66YRYS86MXvY6bQe2ZTnm3zH7mLlh6GMPe0swyXX3uXbO1l1LqulaJso6dm%2Fy9ZdEgEceEjPqVZ1HTSG4gMjtrimpOwnUUowE%2FXRb9Bi4IXgS1O93mLYoyuzDezi82WTJHtme53N8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32340de421f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702458.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im5cL3RkOVIrNDZ0akF4eGF3aUZBTjh3PT0iLCJ2YWx1ZSI6InB2WFRWQ2U2TjlvY2FZY09hWjU4YnJMXC9DWHE3ZFwvSmV3SHdvWVBGUDVFbXl1cm85empYVnVXNytZWTdYXC9IbHQiLCJtYWMiOiJjNWRhMGU5OWNiYTZmNGI1Nzk2OWI0MzdlMzZjZjczYmQyMGE2MTFiMzJjMTRhNzFmODc3ZjYzMzFkOWM4YzVmIn0%3D; c=eyJpdiI6Ikp0YzRyY3dIY0ZqZHRKWG5zVjRNU3c9PSIsInZhbHVlIjoiQ0tjVXdYMk5Za2ZFUnBpM3liQU1RTGpiWU4wUE5nbG1SU3JnSStZTTBiTFFVbllCVE9OemRSd25wajVjOUFQOCIsIm1hYyI6ImM3ODkxZmNiNjIzNDM1N2NhNzk1MTJiMDMwNWM5ODY4MjBmZWQ4MGUyNDE4YjExOTJhMTA3ZGYwNjRiNWUwMDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FJt%2FBqXUYihOm6m1PDqXgZ38M8w8mLN%2F30KMOtcCldcgptSv63e7efltEPML4WJZFZbIrWbPVW273St3urMfF8ck70l21BtJ8OFRlRGTdg%2FqMF8WD%2FvbWXjQk%2FRChwKsnwE5WeCCz%2BxbSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32340ee4b1f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:59 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:59 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:59 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
724
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYHsTYRZTPzm0qGLEm2Occr9YbhAz6bCNch9ynmcAYW64xKyvb2ivW%2BtueAL4UUcTjwDVwlpeM5hq12XKK7zaQ0jMlffZACVjpvNd825x5kXMLg0vSsnh85H6xJYcxBTPOBXF%2F06DA87O1T18g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32340fef31f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d557da70d84a705a3f6ea1e66d5ab3d28774e2deed68caa5ea617d84a97d73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:20:59 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.16708238409453346
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
fc5acadc51c3e43254bce32bbd37f4632798b739a8188e7ae6008adf83c983a5

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:20:59 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49853
x-xss-protection
0
server
cafe
etag
5063929039262382390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:20:59 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
a0220351dbfc38e8494b130fc62e9fe95c1d9b399761421963e2406bebeeb7b1

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7e5de8fcd18bf54743c8d150a090e05cdce3b2f140be73fe563b6f1c19d26415
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Server
nginx/1.19.10
Etag
b3e9a947-05c8-4be7-b5dc-f8828a4064e6
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:59 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:59 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:59 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:59 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:59 GMT
locate
tgfunnls.org/
141 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Im5cL3RkOVIrNDZ0akF4eGF3aUZBTjh3PT0iLCJ2YWx1ZSI6InB2WFRWQ2U2TjlvY2FZY09hWjU4YnJMXC9DWHE3ZFwvSmV3SHdvWVBGUDVFbXl1cm85empYVnVXNytZWTdYXC9IbHQiLCJtYWMiOiJjNWRhMGU5OWNiYTZmNGI1Nzk2OWI0MzdlMzZjZjczYmQyMGE2MTFiMzJjMTRhNzFmODc3ZjYzMzFkOWM4YzVmIn0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702458.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im5cL3RkOVIrNDZ0akF4eGF3aUZBTjh3PT0iLCJ2YWx1ZSI6InB2WFRWQ2U2TjlvY2FZY09hWjU4YnJMXC9DWHE3ZFwvSmV3SHdvWVBGUDVFbXl1cm85empYVnVXNytZWTdYXC9IbHQiLCJtYWMiOiJjNWRhMGU5OWNiYTZmNGI1Nzk2OWI0MzdlMzZjZjczYmQyMGE2MTFiMzJjMTRhNzFmODc3ZjYzMzFkOWM4YzVmIn0%3D; c=eyJpdiI6Ikp0YzRyY3dIY0ZqZHRKWG5zVjRNU3c9PSIsInZhbHVlIjoiQ0tjVXdYMk5Za2ZFUnBpM3liQU1RTGpiWU4wUE5nbG1SU3JnSStZTTBiTFFVbllCVE9OemRSd25wajVjOUFQOCIsIm1hYyI6ImM3ODkxZmNiNjIzNDM1N2NhNzk1MTJiMDMwNWM5ODY4MjBmZWQ4MGUyNDE4YjExOTJhMTA3ZGYwNjRiNWUwMDkifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6Im5cL3RkOVIrNDZ0akF4eGF3aUZBTjh3PT0iLCJ2YWx1ZSI6InB2WFRWQ2U2TjlvY2FZY09hWjU4YnJMXC9DWHE3ZFwvSmV3SHdvWVBGUDVFbXl1cm85empYVnVXNytZWTdYXC9IbHQiLCJtYWMiOiJjNWRhMGU5OWNiYTZmNGI1Nzk2OWI0MzdlMzZjZjczYmQyMGE2MTFiMzJjMTRhNzFmODc3ZjYzMzFkOWM4YzVmIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCNshSwbzjhdEgg9VJuVfbsBIv7mxvFo6ljY3sXR4gZKB9dFDLyZMaPU6VURfljdZj1vzDtrP7Yb7GgxWuj%2Ff5e7ba%2F6zsl%2FutDIpnQfYolsyQITVRZEWmsQcW2MqNXe%2Bkkp2vGy2x3VNDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImxMc3ZYemZXY25VR3NnQXcxeU9RYXc9PSIsInZhbHVlIjoibUc3V2t3T1JvWGtqR2J2VnJGaG5FSU9CeVEyTU9mSlRidUlCK1c2YW1zSjFvWEVSZWhFa3g5b1pqb3hkQ1wvckMiLCJtYWMiOiI2NDk1MTMyZWEzN2ExYjhkMzIzYWNiYmJiZGRkNzFjYThlMmY4YTNjZjk4NDFmNzg2MzhkZmYwMTdiYWM3NmNhIn0%3D; expires=Wed, 11-Aug-2021 19:20:59 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkxPamZXbWg2ekNQMmZ3aXBDODFMQ3c9PSIsInZhbHVlIjoicFRVN1pEeWxDdXVMNVwvSEM0ZUNcL1VPdWNyOUNSOEg4bklhWU9uVHNCMEpOVTJCSm56M3p2NmtkMGx4TDFOaXA4IiwibWFjIjoiNzFjMGY2NjJlNDdkZGMzOTFhNzM5NTZjMzVhNTU2ZGJkM2ZkYjdiZDVlNjdhZDA3NmVlYmQ1YjE0Mzg3ODFmYyJ9; expires=Wed, 11-Aug-2021 19:20:59 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d32341bfee1f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702458.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im5cL3RkOVIrNDZ0akF4eGF3aUZBTjh3PT0iLCJ2YWx1ZSI6InB2WFRWQ2U2TjlvY2FZY09hWjU4YnJMXC9DWHE3ZFwvSmV3SHdvWVBGUDVFbXl1cm85empYVnVXNytZWTdYXC9IbHQiLCJtYWMiOiJjNWRhMGU5OWNiYTZmNGI1Nzk2OWI0MzdlMzZjZjczYmQyMGE2MTFiMzJjMTRhNzFmODc3ZjYzMzFkOWM4YzVmIn0%3D; c=eyJpdiI6Ikp0YzRyY3dIY0ZqZHRKWG5zVjRNU3c9PSIsInZhbHVlIjoiQ0tjVXdYMk5Za2ZFUnBpM3liQU1RTGpiWU4wUE5nbG1SU3JnSStZTTBiTFFVbllCVE9OemRSd25wajVjOUFQOCIsIm1hYyI6ImM3ODkxZmNiNjIzNDM1N2NhNzk1MTJiMDMwNWM5ODY4MjBmZWQ4MGUyNDE4YjExOTJhMTA3ZGYwNjRiNWUwMDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
871
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vIDUrSjSBl3SBrnc6V1eiosdKp0pYCr8p6mRABRmtMugIJJapGQO2XCe%2Fyrsc0ysV%2FLv%2FzqpuVHhk2WPVJZwyc3tHStWHht2awR4Ef5UWnUX0Bfu73yy%2Fvxb8H596K6sANq88acYGr5lY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32341bff11f15-FRA
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.16708238409453346
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.08326384350208382
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:59 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:59 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
0cb080de-1b91-4fde-9881-17e2d232678e
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/0cb080de-1b91-4fde-9881-17e2d232678e
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe8a701e5552cb8f996388184dc59e2c3f04f37581d21fcfc1c4f50ddf04d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51222
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:20:59 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
438
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
40
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
uQgp1FGOWZ2_XV8qSaK7PN2VUeTayZZ8mjjlPGTS7d0JY66HyUX_vw==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:59 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=584243312&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&gtm=2wg891MSK8GMG&z=1393022727
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63559
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.13544624144811745&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.6389151590634901
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:58 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/
3 MB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=983040-

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 983040-124690623/124690624
Content-Length
123707584
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:59 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
f5HtgO7b7mzHsAh-XtGkb6Das4H28a_O__SE49SqJJbTtyUzzBSL6A==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:50:59 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame D5DB
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
L5mstrX4tclp3-DsgEKyh8cmGvlvhZCKBPUIiVbDgUS-svxNoUWWWQ==
age
2135069
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6ImxMc3ZYemZXY25VR3NnQXcxeU9RYXc9PSIsInZhbHVlIjoibUc3V2t3T1JvWGtqR2J2VnJGaG5FSU9CeVEyTU9mSlRidUlCK1c2YW1zSjFvWEVSZWhFa3g5b1pqb3hkQ1wvckMiLCJtYWMiOiI2NDk1MTMyZWEzN2ExYjhkMzIzYWNiYmJiZGRkNzFjYThlMmY4YTNjZjk4NDFmNzg2MzhkZmYwMTdiYWM3NmNhIn0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6ImxMc3ZYemZXY25VR3NnQXcxeU9RYXc9PSIsInZhbHVlIjoibUc3V2t3T1JvWGtqR2J2VnJGaG5FSU9CeVEyTU9mSlRidUlCK1c2YW1zSjFvWEVSZWhFa3g5b1pqb3hkQ1wvckMiLCJtYWMiOiI2NDk1MTMyZWEzN2ExYjhkMzIzYWNiYmJiZGRkNzFjYThlMmY4YTNjZjk4NDFmNzg2MzhkZmYwMTdiYWM3NmNhIn0%3D; c=eyJpdiI6IkxPamZXbWg2ekNQMmZ3aXBDODFMQ3c9PSIsInZhbHVlIjoicFRVN1pEeWxDdXVMNVwvSEM0ZUNcL1VPdWNyOUNSOEg4bklhWU9uVHNCMEpOVTJCSm56M3p2NmtkMGx4TDFOaXA4IiwibWFjIjoiNzFjMGY2NjJlNDdkZGMzOTFhNzM5NTZjMzVhNTU2ZGJkM2ZkYjdiZDVlNjdhZDA3NmVlYmQ1YjE0Mzg3ODFmYyJ9
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7BoRsrcA8PhqLkoHmRz9nhKVduxjHB60OmYJ28%2BQxdSCaaRqmV%2FkvStNNT7vMZmzpXnhTxQPt3UoBYnI%2FSzw8boDf1s38S6iEFZO408Dy8r%2Bc2vfRN%2FxlyookFqhun%2BtxGOtdZyGmseL8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InN3SWtRVGVtMkpOYWVvQWVFYlVHb3c9PSIsInZhbHVlIjoiMUx4aXZlbkNcL3RyckZpM2dCSVNyS09UdXlUcXRvZTUxcW5ESmtZRnh3NFNtQzNNUXloS1wvWE1TS2hwZU4wa0JNIiwibWFjIjoiYmQ0YTQwOTIwNzAxNzJjMDU4MmY4NzFjNDY1NzIwNzM3NzYxZTdmZWJhNjQ2OTFiYWU2NWEwMjBmZGQ4YjZiMiJ9; expires=Wed, 11-Aug-2021 19:20:59 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjcwU01UZ0t0SGpUblVRNE94QlwvRVFnPT0iLCJ2YWx1ZSI6Ikg4WjY0Zk92YlVyTlFPTVd0V1o2cmsweHpiQ1k3ZFwveFFVa1ZIdW9NYklhbVdVN1FjTldIRndrbzRBOU9sRWFnIiwibWFjIjoiMDEzMjU2NmQ0OGY5MmJiYjYxOWQwMzhlZWVjZTZkMWE2OTcyYjRmZmE2YWQ4YTA3ODk0MzIzZjZjMWM4YzIyMiJ9; expires=Wed, 11-Aug-2021 19:20:59 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d323431b571f15-FRA
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:20:59 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adb3895793c30f79350d7289d9c6ce695e5a5cf82a7a82e3c390350228c75b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6InN3SWtRVGVtMkpOYWVvQWVFYlVHb3c9PSIsInZhbHVlIjoiMUx4aXZlbkNcL3RyckZpM2dCSVNyS09UdXlUcXRvZTUxcW5ESmtZRnh3NFNtQzNNUXloS1wvWE1TS2hwZU4wa0JNIiwibWFjIjoiYmQ0YTQwOTIwNzAxNzJjMDU4MmY4NzFjNDY1NzIwNzM3NzYxZTdmZWJhNjQ2OTFiYWU2NWEwMjBmZGQ4YjZiMiJ9; c=eyJpdiI6IjcwU01UZ0t0SGpUblVRNE94QlwvRVFnPT0iLCJ2YWx1ZSI6Ikg4WjY0Zk92YlVyTlFPTVd0V1o2cmsweHpiQ1k3ZFwveFFVa1ZIdW9NYklhbVdVN1FjTldIRndrbzRBOU9sRWFnIiwibWFjIjoiMDEzMjU2NmQ0OGY5MmJiYjYxOWQwMzhlZWVjZTZkMWE2OTcyYjRmZmE2YWQ4YTA3ODk0MzIzZjZjMWM4YzIyMiJ9

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ%3D%3D; expires=Wed, 11-Aug-2021 19:20:59 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImlJYXFMdUlKNDdtVFkwS3lKOXllWEE9PSIsInZhbHVlIjoiR0NQZ0pKWUdXVlBNV2c1RjEwdDNnQUdIMnpKb0pneGRvNW41bGlSRWZ2VVdOdm1tZysraGZxNnpnMWdtMkVcL3EiLCJtYWMiOiJiODY5NWMyZTIxY2ZmZTg5YTU0ODEyNGEyMTI3M2UzY2IxYWRjZjkzOGExOGFiMWM4NWE1OWZiZDRjZmM1YTM0In0%3D; expires=Wed, 11-Aug-2021 19:20:59 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIwgaofSzbTxr%2Bar0sioa7wilrI71Kd3Ee4sgUO4hKxR4xLweBv1uutvFUZKtdzvK3QnCw71aKGj0xMUKhz9X7XQOtU1gMbCO%2BRxYJM%2BvZdKEeD1dxQoKrwPcyvF0Kkj%2BjELr1tH2nYLk6Y%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d32344af011f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ%3D%3D; c=eyJpdiI6ImlJYXFMdUlKNDdtVFkwS3lKOXllWEE9PSIsInZhbHVlIjoiR0NQZ0pKWUdXVlBNV2c1RjEwdDNnQUdIMnpKb0pneGRvNW41bGlSRWZ2VVdOdm1tZysraGZxNnpnMWdtMkVcL3EiLCJtYWMiOiJiODY5NWMyZTIxY2ZmZTg5YTU0ODEyNGEyMTI3M2UzY2IxYWRjZjkzOGExOGFiMWM4NWE1OWZiZDRjZmM1YTM0In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3906
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghJ0BCbgxr0868UZeiXnlctyRGaM6lsGfIdNasnjuplGPr4ADTe4kIDE0pYKgbTeRy1ZcsL5lEX4ahUtXr8bWBMD48ds4Vnt5%2FvKSSEkeOupu%2FU4G7cvivXlqL3EKEjacm%2FfkJDUl0kaHDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323468b091f15-FRA
flow.css
tgfunnls.org/css/
385 B
762 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ%3D%3D; c=eyJpdiI6ImlJYXFMdUlKNDdtVFkwS3lKOXllWEE9PSIsInZhbHVlIjoiR0NQZ0pKWUdXVlBNV2c1RjEwdDNnQUdIMnpKb0pneGRvNW41bGlSRWZ2VVdOdm1tZysraGZxNnpnMWdtMkVcL3EiLCJtYWMiOiJiODY5NWMyZTIxY2ZmZTg5YTU0ODEyNGEyMTI3M2UzY2IxYWRjZjkzOGExOGFiMWM4NWE1OWZiZDRjZmM1YTM0In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3906
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hOskMd%2BhYwu9Yw4AIxk3gE0QM2DahBxBSmnNPb%2BVNUE7urbP2uhOiQw1KnB4bn2Tcqnsvt%2FSJcIozMWgNvP0Jz1SKOSitO9Q52YZpTtcPUidzyZ2G9z2JnNQzk1my2RD%2F%2BfWFQCH8s4LnU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323468b0b1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:59 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ%3D%3D; c=eyJpdiI6ImlJYXFMdUlKNDdtVFkwS3lKOXllWEE9PSIsInZhbHVlIjoiR0NQZ0pKWUdXVlBNV2c1RjEwdDNnQUdIMnpKb0pneGRvNW41bGlSRWZ2VVdOdm1tZysraGZxNnpnMWdtMkVcL3EiLCJtYWMiOiJiODY5NWMyZTIxY2ZmZTg5YTU0ODEyNGEyMTI3M2UzY2IxYWRjZjkzOGExOGFiMWM4NWE1OWZiZDRjZmM1YTM0In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1149
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbWfE06WsIxgQ4BXmMZumE1%2FWm6jYP9I740lb7DfJ65klTurRD4swwDsgJZPTr1wyDivELJ7WSqqg2qg0U2ycaU5NrEAu00VCyqsH9S1zWaYBJhalgR7LYutvhcFC7%2BwABxC%2BZmVCoKKc4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32346bb761f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ%3D%3D; c=eyJpdiI6ImlJYXFMdUlKNDdtVFkwS3lKOXllWEE9PSIsInZhbHVlIjoiR0NQZ0pKWUdXVlBNV2c1RjEwdDNnQUdIMnpKb0pneGRvNW41bGlSRWZ2VVdOdm1tZysraGZxNnpnMWdtMkVcL3EiLCJtYWMiOiJiODY5NWMyZTIxY2ZmZTg5YTU0ODEyNGEyMTI3M2UzY2IxYWRjZjkzOGExOGFiMWM4NWE1OWZiZDRjZmM1YTM0In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3895
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBC4ak%2FXR5TTFOG7XFsHCDJEmgbfXVNOHYMHSeSqKkUeOFpc4UUei0B52F10tnSWMsZvttYQ%2BoVY7yAKJAIXZBwPOwWFi79O%2BtMJVF1AWx2yHd%2BoU1KlHDR0hdH6CGhRIbBFSmOccDGNivU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d32346bb7a1f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCGlPkCaDjVk85yVELdR32GysPpzf%2BsekC1RnusZ5jkdiOoH2mnCS6PqrcdHUj%2BnKCDgU0Qug2%2BlmgnLMaAOwHTMlRh0Rj6LB87T4cC55FCpnP8ajhsSsjqqJLw2c%2FYNTRJSQZGoYoggxUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32346ab511f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:20:59 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3905
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DU89G9TuSNZBIkA0zFDywZgLqNqWQVV%2FnKUvBtHQSivObyO19HsAMKtAMn7cOxcfADKn01KoiFoVi6tISqenFOo7fMu%2BRVB4E0OPtWsVyOstFH%2FlWA0IlSEt%2BoytGDoak3JBK3UbdZJdek4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32346bb621f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd93mV5BeCmFAjUglinboGzs2rcCgcAXei5Bqr0%2FrRvUsWrZLpIRrmDMvtBAr6AaH4Egz%2FKFdMeJDQuWKhxYJkugvenmk7hNUBQxvGThx7fRGXDT%2BvDCoWHdAtJJ3mwUsLqI%2BujztL9tKTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32346bb711f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:09:59 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:20:59 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:00 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
724
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta9Y4Jiba5Jj%2BylAe7dm1ZQMwWjUdyGeB%2F4RlZmEhm3f0MjyJeU6dmwtxQELjmugkIMqOO89QBoclZaJL2cz3RHR4wsCGZyndwPf%2BcOSHoI%2FmdxKLHZ8w8OudpxsT87dfRy9uikKdMIwgvbeoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32346b9541f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed95f3797361e43a39871b0e447c287ea998e3b7abdfbae6e58ed0cbbb1ac115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42028
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:20:59 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8614355364998723
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
2b6c4d0ec8fdf866731398895d0ab9a6970626ca9adfd07d3e4178649190360f

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:20:59 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:09:59 GMT
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:09:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:00 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
505179b6ae47187aea43a8bfd5bd983fad60e9cd723afbfd9efb83a6730a2eb8

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9250b900dd83ebed38e82f7b8c9dde68325b84fe650e2acf2a26f1d7c9661628
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:20:59 GMT
Server
nginx/1.19.10
Etag
410d2db1-ccb6-4632-81c9-0b600ab8e210
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b191cb52e5cbb67b666e9c842dc953a6e6fc043582e37bbdc5d80896789d3de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51224
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
439
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
41
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
UJCKRdSHFOQEr3Pz258ndPIIXf9EC5aVl9cgePErj9SppG9pzSqcjQ==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ%3D%3D; c=eyJpdiI6ImlJYXFMdUlKNDdtVFkwS3lKOXllWEE9PSIsInZhbHVlIjoiR0NQZ0pKWUdXVlBNV2c1RjEwdDNnQUdIMnpKb0pneGRvNW41bGlSRWZ2VVdOdm1tZysraGZxNnpnMWdtMkVcL3EiLCJtYWMiOiJiODY5NWMyZTIxY2ZmZTg5YTU0ODEyNGEyMTI3M2UzY2IxYWRjZjkzOGExOGFiMWM4NWE1OWZiZDRjZmM1YTM0In0%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLrkN7F0J4VFqxrzapkoWQtnp5rckaZgNHlqr27d%2FdcXn1Qlb00SsjWcjvJLMpKei3ebF65IofCXEuZPw6O7wCYZJNGUyoZNJ4GwzHo5r8jPZJM5fNbVjT%2FyVFZ1WJQ0Hu%2FNJnNAf3egN%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImJTNmJIOVR5YWZQdExEQXVLV3F0VEE9PSIsInZhbHVlIjoiWmdBbDQ2Mm1lV1I4OGRrNUlSVWhFR3Y1dVp2R1JPZVY3aG12TG1ybFQ1K3BXc2wycVNEVVdvT0dJTHFOUmpvKyIsIm1hYyI6ImU2NGY3Nzk0ZWUwZGZlMDYyMGI3OTQwZGE2ODQ3ZWI0NDBkMTEyMzQyNTA3NTA4OWI5ZGViMmQ5M2MyYTQxZTgifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:00 GMT; Max-Age=7200; path=/ c=eyJpdiI6IllyaGtJaXlEVGJUWlRZMERzbmdHVGc9PSIsInZhbHVlIjoiT1B5bTZyT1ZqdjR0d3VremRsTmJZOWVaTFhCeW5PY2lrZ1FMb0pSdXNwdkdGMENMamtlNUtBXC9GVHlxMnVyYmwiLCJtYWMiOiIzMGVhMDNlMGZiNTA0MjY1YjJkZjY5NGEyZTExMDVhMzE4YjYyM2U2NmUxNTgwMDczNDQwMDA5MGFiZDY0ZmY1In0%3D; expires=Wed, 11-Aug-2021 19:21:00 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d323479d601f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702459.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Iis2UHFkNW5WSkYxbHVKYWFmYWFjcmc9PSIsInZhbHVlIjoiS3JCb1pveUpGZFd4a2VqMlNRUGNtQUJrd29jaFhlTXBQUmtJYXZjRzNPQWIwczR6ZmlkWkxlMWZFUWhUM0xPWCIsIm1hYyI6IjRlMDk4YjgzYWRiZjhjNjIwOTFlZjc5N2UyMjVmMjNkN2M5ODg2MDYxMzBkZWMyNGZlNDJmODcyNmIyZjE5MDkifQ%3D%3D; c=eyJpdiI6ImlJYXFMdUlKNDdtVFkwS3lKOXllWEE9PSIsInZhbHVlIjoiR0NQZ0pKWUdXVlBNV2c1RjEwdDNnQUdIMnpKb0pneGRvNW41bGlSRWZ2VVdOdm1tZysraGZxNnpnMWdtMkVcL3EiLCJtYWMiOiJiODY5NWMyZTIxY2ZmZTg5YTU0ODEyNGEyMTI3M2UzY2IxYWRjZjkzOGExOGFiMWM4NWE1OWZiZDRjZmM1YTM0In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
872
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iicHXgezGyxMn5MQ41n0Ryv8tG6Q%2F37vAWYEB8HJcZ8X84XpKARO6301YibMjZ3%2FAu47GQU35iWhFbhDkipbbXk6gqp3WXtJAdKqKrlQPTrFNcyTrYlGLq%2BAPO642Z8Vpbg%2FwwyWOyGozwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d323479d611f15-FRA
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.8614355364998723
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.6780205003583382
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:20:59 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
2a8234fb-c8c5-45c6-9df5-d715b95725d8
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/2a8234fb-c8c5-45c6-9df5-d715b95725d8
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1068516356&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&gtm=2wg891MSK8GMG&z=874986738
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63560
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
6ffigedC41UtH4UWCPSJSr1-ZSFZ2Pn8TyqurheE80rWaVk7HDWi4Q==
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.721238692966331&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.5532842526320356
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:59 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 012A
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
DL-dQP1zSJDQnG9xEfuCYBiGm0PiW8Sb0y9OX6BoqMPxQbKZnGlu8Q==
age
2135070
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:00 GMT
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6ImJTNmJIOVR5YWZQdExEQXVLV3F0VEE9PSIsInZhbHVlIjoiWmdBbDQ2Mm1lV1I4OGRrNUlSVWhFR3Y1dVp2R1JPZVY3aG12TG1ybFQ1K3BXc2wycVNEVVdvT0dJTHFOUmpvKyIsIm1hYyI6ImU2NGY3Nzk0ZWUwZGZlMDYyMGI3OTQwZGE2ODQ3ZWI0NDBkMTEyMzQyNTA3NTA4OWI5ZGViMmQ5M2MyYTQxZTgifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6ImJTNmJIOVR5YWZQdExEQXVLV3F0VEE9PSIsInZhbHVlIjoiWmdBbDQ2Mm1lV1I4OGRrNUlSVWhFR3Y1dVp2R1JPZVY3aG12TG1ybFQ1K3BXc2wycVNEVVdvT0dJTHFOUmpvKyIsIm1hYyI6ImU2NGY3Nzk0ZWUwZGZlMDYyMGI3OTQwZGE2ODQ3ZWI0NDBkMTEyMzQyNTA3NTA4OWI5ZGViMmQ5M2MyYTQxZTgifQ%3D%3D; c=eyJpdiI6IllyaGtJaXlEVGJUWlRZMERzbmdHVGc9PSIsInZhbHVlIjoiT1B5bTZyT1ZqdjR0d3VremRsTmJZOWVaTFhCeW5PY2lrZ1FMb0pSdXNwdkdGMENMamtlNUtBXC9GVHlxMnVyYmwiLCJtYWMiOiIzMGVhMDNlMGZiNTA0MjY1YjJkZjY5NGEyZTExMDVhMzE4YjYyM2U2NmUxNTgwMDczNDQwMDA5MGFiZDY0ZmY1In0%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiJQ7ZEMNKEL5NQAPA86QZljmG%2F4bhH%2B95gPKhpbClSVhNkqTHH2UEh9hiGccJYJzp8U24wyFDp%2B8%2BWBcJ5Jt08tTHv34rn1GZdX5pusIw021NQI1B%2FUa9vpDRtQ1igoLwsy%2FlC7Nx3seqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ikp3aW1abTdpVjZiM0ZvZjNlckpCUVE9PSIsInZhbHVlIjoiVitVMENhOUdqbndUMHY2U3g1K3VVM1BwRklXTk4xMmxPUlhOdDExMndhMFplQTNMSkNnaU42OEQxcWJCQVNRbyIsIm1hYyI6ImUwYzYzNTYwMmNmMzhjMzBjNjI3NTVlZTdjZThlMmNiYTgxNjBjOTQxNDJlYjM4YjYyYjhkMThmM2ZjMTlmNzkifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:00 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkZJQzdMcm9yV2Y4QkFvMnhQQndhM2c9PSIsInZhbHVlIjoiWG1aMzA0Vm5oUFExQ1J3VmI0UzNnbnU3amZlUkppUnhqR2VpaEFXWm1nU2Jyck9Ca0hTeEkwd0NGXC9HYkYrMkkiLCJtYWMiOiJiN2FhMzhlMTg4MTkwOTEzY2IxODViZDZhYjhiODc3ZDZjOGNkZWQyYTQyMmZlMWFkNGRiYmEzMWZmOGRkM2I1In0%3D; expires=Wed, 11-Aug-2021 19:21:00 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d32348cf801f15-FRA
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1969e325ec1d027dac541ed2e298788d5c71ca81ffe2d4d109b9b4b5c200a5aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Ikp3aW1abTdpVjZiM0ZvZjNlckpCUVE9PSIsInZhbHVlIjoiVitVMENhOUdqbndUMHY2U3g1K3VVM1BwRklXTk4xMmxPUlhOdDExMndhMFplQTNMSkNnaU42OEQxcWJCQVNRbyIsIm1hYyI6ImUwYzYzNTYwMmNmMzhjMzBjNjI3NTVlZTdjZThlMmNiYTgxNjBjOTQxNDJlYjM4YjYyYjhkMThmM2ZjMTlmNzkifQ%3D%3D; c=eyJpdiI6IkZJQzdMcm9yV2Y4QkFvMnhQQndhM2c9PSIsInZhbHVlIjoiWG1aMzA0Vm5oUFExQ1J3VmI0UzNnbnU3amZlUkppUnhqR2VpaEFXWm1nU2Jyck9Ca0hTeEkwd0NGXC9HYkYrMkkiLCJtYWMiOiJiN2FhMzhlMTg4MTkwOTEzY2IxODViZDZhYjhiODc3ZDZjOGNkZWQyYTQyMmZlMWFkNGRiYmEzMWZmOGRkM2I1In0%3D

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0%3D; expires=Wed, 11-Aug-2021 19:21:00 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImtwTTJ0ODRQTklUb2FVV1ZnVWRPR0E9PSIsInZhbHVlIjoic2JRV1FERDlWc2l0N1RJUFhja25VSDIyZW1mTzVrdHhROW1CNnNzc0FISEs2NVFYM3VSU0VcL0RcL0dCeDRKbXloIiwibWFjIjoiNjEwZDhhYWIwMjI1NDBkYWYyZDVhNDM3OTRiODEyODU1OWQyY2I0MGQwYTE0ZDY1ZDBjNmRlN2U5YmY2ZTUzOCJ9; expires=Wed, 11-Aug-2021 19:21:00 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGfA8VUIjL1rqfMXBEy7o9LpyuOdBpc6exgODAO5JiwFLcgSzy8T5tmGTO%2B%2BreDnsHKsfTjUd2QGrLWWIcR8gkcTEKbi6KxTid%2BePdLEEhQBNqa%2FZxIKRmg9nM3pPxUrY5B%2FCR6m7gErkpI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d3234a8b741f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0%3D; c=eyJpdiI6ImtwTTJ0ODRQTklUb2FVV1ZnVWRPR0E9PSIsInZhbHVlIjoic2JRV1FERDlWc2l0N1RJUFhja25VSDIyZW1mTzVrdHhROW1CNnNzc0FISEs2NVFYM3VSU0VcL0RcL0dCeDRKbXloIiwibWFjIjoiNjEwZDhhYWIwMjI1NDBkYWYyZDVhNDM3OTRiODEyODU1OWQyY2I0MGQwYTE0ZDY1ZDBjNmRlN2U5YmY2ZTUzOCJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3907
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO6rZe4Ep30CdQzWGd5LAJa84jMFzarrzLZWC8RQ5DO8fVw1T6jfvd6fTLsVCLknOMfm7D1AmqTL5Cl1Pv0k09J5piGTeT8j%2FP%2FjNyiQQpnPxTB9MdX5agHNW58NA7nRF3vGGvJ7CpL5JCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3234c5f191f15-FRA
flow.css
tgfunnls.org/css/
385 B
765 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0%3D; c=eyJpdiI6ImtwTTJ0ODRQTklUb2FVV1ZnVWRPR0E9PSIsInZhbHVlIjoic2JRV1FERDlWc2l0N1RJUFhja25VSDIyZW1mTzVrdHhROW1CNnNzc0FISEs2NVFYM3VSU0VcL0RcL0dCeDRKbXloIiwibWFjIjoiNjEwZDhhYWIwMjI1NDBkYWYyZDVhNDM3OTRiODEyODU1OWQyY2I0MGQwYTE0ZDY1ZDBjNmRlN2U5YmY2ZTUzOCJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3907
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkQFCaMZOFGviWEji%2FTuC3hda0nWuiC9iX1b0%2F3xKiZ1kzSJtM0qR%2FyYcaU9%2BxqYOoVH4rVmK24AhDNzamErD8WLG%2B6Ph%2BsXj4antAZzMzA0ML1oQdBRGWWcmg%2FWiHVWtM54YWCvs3m9dS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3234c5f1b1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:00 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0%3D; c=eyJpdiI6ImtwTTJ0ODRQTklUb2FVV1ZnVWRPR0E9PSIsInZhbHVlIjoic2JRV1FERDlWc2l0N1RJUFhja25VSDIyZW1mTzVrdHhROW1CNnNzc0FISEs2NVFYM3VSU0VcL0RcL0dCeDRKbXloIiwibWFjIjoiNjEwZDhhYWIwMjI1NDBkYWYyZDVhNDM3OTRiODEyODU1OWQyY2I0MGQwYTE0ZDY1ZDBjNmRlN2U5YmY2ZTUzOCJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1150
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWEBCML%2BIAmz7fy%2F9KaNlHEhJ35x8l7srFUZD5eS614E6BsiFf%2FjzWy7DobiVVBYuK2qugm0MpZ%2BKznLgTysLiRefPFOHSIHkbwxEckul8wFcU%2FkZUhxVDSGZEPqsa%2FRRLKE3o8qwCNB0iU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3234c8f7e1f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3896
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYZgtgxix1CgygMG1PFmJG84K%2FAvscaNOK5OBkxVyqiyQGUkgp0MPpJKclLVaapYSEI6TSMbLsJUk%2BE52ecI1WO5HMpFIr5Uea6bXvS5hhte%2BG%2Fy0ubw8Wg9s87LdKVVDgVr76raXQvCy10%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d3234c9f811f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zh%2FXjDCvc3LsZy4lptP4wYRHt%2Fqbpc8x0%2BunCKwJ%2BgesZjiuvbjtBrVbd9QKZfeDtIQH0DlINcTQQ7iI8wZ8HOdAqQM6o%2FD%2BKFurnoBAov84k8dPT3E6r7%2FWysEvsES5TSIhWyf5SCz1yx8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3234c7f531f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:00 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3906
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYuHHJSfE9xXsCzNGoejIX9YhxvqxJ6Ik0kH1z7nJeV6y7XcIjD6Jjmq3mom9eCQ%2BKoAH0K7Kpwrv5VGcBq0h9P6GYBonkWXA2BI5EfOA6YvaCpWbwubWLcNfQ5m5bW2c5ywzrvaP1kp8qg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3234c8f6c1f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0%3D; c=eyJpdiI6ImtwTTJ0ODRQTklUb2FVV1ZnVWRPR0E9PSIsInZhbHVlIjoic2JRV1FERDlWc2l0N1RJUFhja25VSDIyZW1mTzVrdHhROW1CNnNzc0FISEs2NVFYM3VSU0VcL0RcL0dCeDRKbXloIiwibWFjIjoiNjEwZDhhYWIwMjI1NDBkYWYyZDVhNDM3OTRiODEyODU1OWQyY2I0MGQwYTE0ZDY1ZDBjNmRlN2U5YmY2ZTUzOCJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qKZ0rWqMrmmbZVWbqe7L2PHVMADaFO%2FnupAscOAACYrQYUuh985eQzSEYi%2Bzldg9TikUlCSBeiJaqORCYUDEELeHR%2BIc%2FlyONmqQaAONBrsSk8cIp2Rieoxpw%2F9W9CkWPwgFT9Lo9XYWic%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3234c8f7c1f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:00 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:00 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:00 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
725
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhfqF1vzImwMHQrDUNKK36V1rxcFzY97%2FXbHna%2F1STm8XjWGemR4ZLD9qV6UXs0j1BDn2V%2BIqg5eE2%2F8KenolUdK9CuD6nk0O%2FJAsSPxVGTHGIsQ%2BdDCM%2FgiuDqAkLzrO0GkRE74XYNZoLgHYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3234c9c341f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed95f3797361e43a39871b0e447c287ea998e3b7abdfbae6e58ed0cbbb1ac115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42028
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:00 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.004747783060244037
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
baca9c7ddb2351017f979b2f51b499d6e661eb70d35bd8d16d208eb7bb9b17ff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:00 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:00 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
7692dc3218cdd4e0039b4e77586f6ec58acc1eaa22fecdc234ea7340ea38996a

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:00 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9a00c4ead2d42b0067733ebca365f8184cd6f87b1c42bb3e8df5b4eb16bd3e35
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:00 GMT
Server
nginx/1.19.10
Etag
c496dcb3-d18b-4db6-b86c-e49c5fabbb0a
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0%3D; c=eyJpdiI6ImtwTTJ0ODRQTklUb2FVV1ZnVWRPR0E9PSIsInZhbHVlIjoic2JRV1FERDlWc2l0N1RJUFhja25VSDIyZW1mTzVrdHhROW1CNnNzc0FISEs2NVFYM3VSU0VcL0RcL0dCeDRKbXloIiwibWFjIjoiNjEwZDhhYWIwMjI1NDBkYWYyZDVhNDM3OTRiODEyODU1OWQyY2I0MGQwYTE0ZDY1ZDBjNmRlN2U5YmY2ZTUzOCJ9
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F0Vtgm%2BqwYDvjlbusXEB8DBdt1NpPMgjpT2eaMnc8H5Tciq49QnYLyTPzqGzGAqjVKSxRzsp6dZHjo00rw6rgYLfmXnu6cyPCW3kNuefXFMOM0OOK4nFxsq1PnDswsNwLfFb4gzqHYGCuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkZxXC9RVjgwVFNTXC9oek41S1JGRzRzZz09IiwidmFsdWUiOiJ5NGFqakcyZ3lcL0N0Smpya2ZERldmS2pzNnZzSzdMeXk2bWJTMHJSYzU1YTJmSXg3TGgrcnhwYVJ5ZFNvSXBKQSIsIm1hYyI6Ijg1MTI5ODJjMTk4NjEyYzM2ZmEzNjU1OWMyNTlhMmNkNmRhYjM4NjNjODc3YWFmYTIwMTU4YmJhYTYwODM0ZjkifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6Im9rcG5SR1NqZkhCQXdibm1vcUpxbEE9PSIsInZhbHVlIjoidDVpeDlEbVYxTDVmTm5UYkxSS0hEQkVtZDUwOE1oSEJoemgwSGVoc0tDVktiRzR4SndRbkJ3M25wKzRGd0tucCIsIm1hYyI6IjM4Y2RmMDZhY2ZhN2M4YWRhMDcyZTFiMzJkY2Y4YjhhOGIxZDUyYTdlOTBlYTU5ZmFlOGI0OWRiNzg0MDUxYmIifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:01 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3234d28971f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6Im9mTWUyelVTMU1hK1FTM3JDUUdQa0E9PSIsInZhbHVlIjoiazA4UHlhYXhOeGZpNkJpY0E0WGh2VVNtaDFKMldwVG42MytTVGxJeHdcL3F4QzBwcWZQQ2hHOG1aRytXc09mVDUiLCJtYWMiOiI2ZTMwNzU4MDY2ZTViNGY3NDBhODNmMTc4ZWRkZTExMDY0MjgwZGY2YjNjYzE0YjZkYzQ1MzgwNWIxNzM5ZGE3In0%3D; c=eyJpdiI6ImtwTTJ0ODRQTklUb2FVV1ZnVWRPR0E9PSIsInZhbHVlIjoic2JRV1FERDlWc2l0N1RJUFhja25VSDIyZW1mTzVrdHhROW1CNnNzc0FISEs2NVFYM3VSU0VcL0RcL0dCeDRKbXloIiwibWFjIjoiNjEwZDhhYWIwMjI1NDBkYWYyZDVhNDM3OTRiODEyODU1OWQyY2I0MGQwYTE0ZDY1ZDBjNmRlN2U5YmY2ZTUzOCJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
872
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuSwnqKMW%2FURSeNzrtBA8KTkpPeL2IWWnYHQcbmJ0X280CkZLr5%2B9fatcgNk6nMMLZ1lXsu%2Fu2wj2i%2FQVDZFOT4CGxAu7Y1wBZhZIODqFGldG0IYeLLXRtM4Szi5GIOci8k8iVTKIhI1eL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3234d28991f15-FRA
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b191cb52e5cbb67b666e9c842dc953a6e6fc043582e37bbdc5d80896789d3de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51224
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:00 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
439
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
42
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
w3j8kMCGMF3RK9lOj2pHAa0L1MNCDGV7TqBoZc3epXRYflLM--rd5w==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:00 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
475211f0-31a6-45dd-8bd9-9b71c60877fd
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/475211f0-31a6-45dd-8bd9-9b71c60877fd
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.004747783060244037
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.5887208773164372
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:00 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:01 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:00 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=396336338&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&gtm=2wg891MSK8GMG&z=1906611311
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63561
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-Y6C8Y8V9BH&cv=1&v=3&t=t&pid=1616391329&rv=891&es=1&e=gtm.init_consent&eid=6&ut=C&tc=13&z=0
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:01 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-Y6C8Y8V9BH&cv=1&v=3&t=t&pid=1616391329&rv=891&es=1&e=gtm.init&eid=7&ut=C&tc=13&z=0
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:01 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-Y6C8Y8V9BH&cv=1&v=3&t=t&pid=1616391329&rv=891&es=1&e=gtm.js&eid=3&ut=C&tc=13&tr=1gct.1lcl.1lcl.1ehl&ti=1gct.1lcl.1lcl.1ehl&z=0
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:01 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-Y6C8Y8V9BH&cv=1&v=3&t=t&pid=1616391329&rv=891&es=1&e=gtm.dom&eid=5&ut=C&tc=13&tr=1ytl&ti=1ytl&z=0
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:01 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529376
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
zF3DNaI4jTXqgVO6_JXx0FD4b2Ya6T2Uk7wa9NzAeof_QLnvmM5lEg==
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-Y6C8Y8V9BH&cv=1&v=3&t=t&pid=1616391329&rv=891&e=gtm.js&eid=3&ut=C&tc=13&tr=5gct.5lcl.5lcl.5ehl&ti=1gct.1lcl.1lcl.1ehl&z=0
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:01 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.8270104917905376&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.023781667228647274
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:00 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame D590
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
1pA0dsFr9zDlp7-XEq-Rp_997CZ44dAtaQDqowf8ZaqSThliM2gujg==
age
2135071
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:01 GMT
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IkZxXC9RVjgwVFNTXC9oek41S1JGRzRzZz09IiwidmFsdWUiOiJ5NGFqakcyZ3lcL0N0Smpya2ZERldmS2pzNnZzSzdMeXk2bWJTMHJSYzU1YTJmSXg3TGgrcnhwYVJ5ZFNvSXBKQSIsIm1hYyI6Ijg1MTI5ODJjMTk4NjEyYzM2ZmEzNjU1OWMyNTlhMmNkNmRhYjM4NjNjODc3YWFmYTIwMTU4YmJhYTYwODM0ZjkifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IkZxXC9RVjgwVFNTXC9oek41S1JGRzRzZz09IiwidmFsdWUiOiJ5NGFqakcyZ3lcL0N0Smpya2ZERldmS2pzNnZzSzdMeXk2bWJTMHJSYzU1YTJmSXg3TGgrcnhwYVJ5ZFNvSXBKQSIsIm1hYyI6Ijg1MTI5ODJjMTk4NjEyYzM2ZmEzNjU1OWMyNTlhMmNkNmRhYjM4NjNjODc3YWFmYTIwMTU4YmJhYTYwODM0ZjkifQ%3D%3D; c=eyJpdiI6Im9rcG5SR1NqZkhCQXdibm1vcUpxbEE9PSIsInZhbHVlIjoidDVpeDlEbVYxTDVmTm5UYkxSS0hEQkVtZDUwOE1oSEJoemgwSGVoc0tDVktiRzR4SndRbkJ3M25wKzRGd0tucCIsIm1hYyI6IjM4Y2RmMDZhY2ZhN2M4YWRhMDcyZTFiMzJkY2Y4YjhhOGIxZDUyYTdlOTBlYTU5ZmFlOGI0OWRiNzg0MDUxYmIifQ%3D%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saX%2BQrI3txmisXCM2j5HZevkmtum%2BW4FCRTVBTSZO8IbF3puG43ubToHZAqim6%2F%2FJBIZdtsf7E%2BACWiDaW81TqAvzZpqssiCY6r1ZvCA7vdD%2BtaQZusM%2FY9FAs6E%2B6GwfXvCveAlXuIIDDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlwvR1ExSGJVekxTTXprTGxhMmhNbVwvUT09IiwidmFsdWUiOiIrSXFSMEtROVZXdndqWGdJNjI1U2VCTG9RUWpZeWxXUHFcL0NtWDBRemhcL3YwNnhMVGFNVXFYdFYzc21nanIxTm8iLCJtYWMiOiJkYjg1YjdjYWE1MmEwMjI2NjRkM2I0OWNhNGFkYWYzM2U3MTQyMmZhOWRlMjJmZDQ0YjdjOGFjNTkzOGYxZTZiIn0%3D; expires=Wed, 11-Aug-2021 19:21:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlpBUGFtVjU4VkJMcWJHRjdxWUFYTFE9PSIsInZhbHVlIjoiaU5MbFk0NWpsVTBoRmxmYzAzN3NKU1FvbnNmSllKSXZibm1Ca2lGajFUYXhwWU9Gem1PNFR5OUlac3lcL29GMm8iLCJtYWMiOiJmZDMwMTI0MjU4N2RlOTlmNWU3MDA1Nzg5YTI3YTAzZGJiYjQzYTg1ZWMxZjA0ZDU5ZGFmMjRiMzk4MmFiNDg0In0%3D; expires=Wed, 11-Aug-2021 19:21:01 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3234ebbbc1f15-FRA
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:01 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:01 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:01 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a798951dc5f4694688033651151b607b5efae2c51d73d860e6e9a3261724e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IkZxXC9RVjgwVFNTXC9oek41S1JGRzRzZz09IiwidmFsdWUiOiJ5NGFqakcyZ3lcL0N0Smpya2ZERldmS2pzNnZzSzdMeXk2bWJTMHJSYzU1YTJmSXg3TGgrcnhwYVJ5ZFNvSXBKQSIsIm1hYyI6Ijg1MTI5ODJjMTk4NjEyYzM2ZmEzNjU1OWMyNTlhMmNkNmRhYjM4NjNjODc3YWFmYTIwMTU4YmJhYTYwODM0ZjkifQ%3D%3D; c=eyJpdiI6Im9rcG5SR1NqZkhCQXdibm1vcUpxbEE9PSIsInZhbHVlIjoidDVpeDlEbVYxTDVmTm5UYkxSS0hEQkVtZDUwOE1oSEJoemgwSGVoc0tDVktiRzR4SndRbkJ3M25wKzRGd0tucCIsIm1hYyI6IjM4Y2RmMDZhY2ZhN2M4YWRhMDcyZTFiMzJkY2Y4YjhhOGIxZDUyYTdlOTBlYTU5ZmFlOGI0OWRiNzg0MDUxYmIifQ%3D%3D

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjZtNnRBbFJNSUFBTVwvRHNPbisxd2FBPT0iLCJ2YWx1ZSI6InJcLzRjdHBxME5BeUJcL0x1U2NGQ04wdUVHb3lBUFZEM0wyeWZZZFwvXC9EZzRnXC9vNDNnXC9UdkRJdXlwc25WdGo3MmMiLCJtYWMiOiI0ODdkZWY3ZTEwYjIxM2RjNjVmZjNlOTE0NjM0N2MzMjEwNjdhYzkyMjU1ZWI5NGU3NmQ0YmNiNGQ0OWVlNmQ2In0%3D; expires=Wed, 11-Aug-2021 19:21:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6Im1lbGdLSUVTcm5HTytjMFwvQjZEck1RPT0iLCJ2YWx1ZSI6InJYRFlFSGR1Ym1vdVBSRWtEXC9XM1dCdnRhK2k2b3lcL1JvcTZSVVMrd0xocGdcL1lqdUhkUlVvMnRvQ2lxaVBnakUiLCJtYWMiOiI2NzA4NjE2OWQ4OTFlODJjZmE3YTkxNWRhZmIwN2M2MjRjMmE1OGU1MTljYWFkZTYwN2ExMTZjYzE1ZGNmNzE5In0%3D; expires=Wed, 11-Aug-2021 19:21:01 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHT1CRZfTO81bwhu3TcmjWQp4GW8O9XE%2FbiKj%2BiRA3N6P56DDE3VeV2ZJuuWCwbf3jzQ%2BC3gr9gaRSu2oWuFScsxMSQRpaAzEqzUN44XB9spySDrHdf5fRsjoNmsLu9EsGHBSeIF4GxIiY4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d323504e7a1f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjZtNnRBbFJNSUFBTVwvRHNPbisxd2FBPT0iLCJ2YWx1ZSI6InJcLzRjdHBxME5BeUJcL0x1U2NGQ04wdUVHb3lBUFZEM0wyeWZZZFwvXC9EZzRnXC9vNDNnXC9UdkRJdXlwc25WdGo3MmMiLCJtYWMiOiI0ODdkZWY3ZTEwYjIxM2RjNjVmZjNlOTE0NjM0N2MzMjEwNjdhYzkyMjU1ZWI5NGU3NmQ0YmNiNGQ0OWVlNmQ2In0%3D; c=eyJpdiI6Im1lbGdLSUVTcm5HTytjMFwvQjZEck1RPT0iLCJ2YWx1ZSI6InJYRFlFSGR1Ym1vdVBSRWtEXC9XM1dCdnRhK2k2b3lcL1JvcTZSVVMrd0xocGdcL1lqdUhkUlVvMnRvQ2lxaVBnakUiLCJtYWMiOiI2NzA4NjE2OWQ4OTFlODJjZmE3YTkxNWRhZmIwN2M2MjRjMmE1OGU1MTljYWFkZTYwN2ExMTZjYzE1ZGNmNzE5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3908
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rP47RrE3k0EcOqj3Kpq6X9JcmZYXrqMeTZpzG2wEiTLtPVwS3TJBGXSaex92jB0Ln1kh7hPDHyA7hGRTNhKrD0z%2FmTc7OZeJT%2FPTUR9SLPehLUcSAIDN0IF7E0ZizcMPWFMA5ny4KTtCnKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323529adb1f15-FRA
flow.css
tgfunnls.org/css/
385 B
759 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjZtNnRBbFJNSUFBTVwvRHNPbisxd2FBPT0iLCJ2YWx1ZSI6InJcLzRjdHBxME5BeUJcL0x1U2NGQ04wdUVHb3lBUFZEM0wyeWZZZFwvXC9EZzRnXC9vNDNnXC9UdkRJdXlwc25WdGo3MmMiLCJtYWMiOiI0ODdkZWY3ZTEwYjIxM2RjNjVmZjNlOTE0NjM0N2MzMjEwNjdhYzkyMjU1ZWI5NGU3NmQ0YmNiNGQ0OWVlNmQ2In0%3D; c=eyJpdiI6Im1lbGdLSUVTcm5HTytjMFwvQjZEck1RPT0iLCJ2YWx1ZSI6InJYRFlFSGR1Ym1vdVBSRWtEXC9XM1dCdnRhK2k2b3lcL1JvcTZSVVMrd0xocGdcL1lqdUhkUlVvMnRvQ2lxaVBnakUiLCJtYWMiOiI2NzA4NjE2OWQ4OTFlODJjZmE3YTkxNWRhZmIwN2M2MjRjMmE1OGU1MTljYWFkZTYwN2ExMTZjYzE1ZGNmNzE5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3908
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdk5ohuqi2hbyabKy5wmrkco2zpLGpotZbnHzbpeDhZpWD4wtCej1czEg5ya7yOJITA7ECtpk3TglKEbsVB%2BrIXc1TGQVvTUGW2rgzv8P4DoG%2B96j0Nn77IlbqaSQMd5PnlZXYXWAx%2BjwLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323529adf1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:01 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjZtNnRBbFJNSUFBTVwvRHNPbisxd2FBPT0iLCJ2YWx1ZSI6InJcLzRjdHBxME5BeUJcL0x1U2NGQ04wdUVHb3lBUFZEM0wyeWZZZFwvXC9EZzRnXC9vNDNnXC9UdkRJdXlwc25WdGo3MmMiLCJtYWMiOiI0ODdkZWY3ZTEwYjIxM2RjNjVmZjNlOTE0NjM0N2MzMjEwNjdhYzkyMjU1ZWI5NGU3NmQ0YmNiNGQ0OWVlNmQ2In0%3D; c=eyJpdiI6Im1lbGdLSUVTcm5HTytjMFwvQjZEck1RPT0iLCJ2YWx1ZSI6InJYRFlFSGR1Ym1vdVBSRWtEXC9XM1dCdnRhK2k2b3lcL1JvcTZSVVMrd0xocGdcL1lqdUhkUlVvMnRvQ2lxaVBnakUiLCJtYWMiOiI2NzA4NjE2OWQ4OTFlODJjZmE3YTkxNWRhZmIwN2M2MjRjMmE1OGU1MTljYWFkZTYwN2ExMTZjYzE1ZGNmNzE5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1151
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aI%2BW68n9UTMzErxFYD%2BfqwloLtaUs9NA1MeUwF4giL0cJHis%2F3%2Fc2TuRzmr8aVk7gOYZWTThjQFGst8OxyJwZkcL%2BUSzr25LlZea4L5asoaobXmv0QAuCuhYlwCyCztFC4SYL3SLTQVLCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d323535c441f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702460.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjZtNnRBbFJNSUFBTVwvRHNPbisxd2FBPT0iLCJ2YWx1ZSI6InJcLzRjdHBxME5BeUJcL0x1U2NGQ04wdUVHb3lBUFZEM0wyeWZZZFwvXC9EZzRnXC9vNDNnXC9UdkRJdXlwc25WdGo3MmMiLCJtYWMiOiI0ODdkZWY3ZTEwYjIxM2RjNjVmZjNlOTE0NjM0N2MzMjEwNjdhYzkyMjU1ZWI5NGU3NmQ0YmNiNGQ0OWVlNmQ2In0%3D; c=eyJpdiI6Im1lbGdLSUVTcm5HTytjMFwvQjZEck1RPT0iLCJ2YWx1ZSI6InJYRFlFSGR1Ym1vdVBSRWtEXC9XM1dCdnRhK2k2b3lcL1JvcTZSVVMrd0xocGdcL1lqdUhkUlVvMnRvQ2lxaVBnakUiLCJtYWMiOiI2NzA4NjE2OWQ4OTFlODJjZmE3YTkxNWRhZmIwN2M2MjRjMmE1OGU1MTljYWFkZTYwN2ExMTZjYzE1ZGNmNzE5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3897
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNNQi4DGyQpZIu3HZ%2BPJBlkjHN9R1pwAXL2Rh%2FilMYPA6KkiCtGPGNsPKNaPh1jp0WHbByO%2BipBX5vRVoMxE1GlcMjB2n4kQCgMXBaRODsAHnnTyKvUCWyv0V6DwdgxteQZpOVAVhCaPesQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d323536c501f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht0FIW9Dr9cse%2F%2B%2BUEJn9XxKDA22IQPe8iYGoTU1qNQWxy9XjoPlS4eBXBnczNMfBUMTzgXzhlt%2Fj0YUKpd3mWp%2F6yDV73bCGQPgw7pyT8M0xk1ZEBx4F9pkeS2DF%2Bu12YFMD2yNOOnB7Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32352cb4d1f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:01 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3907
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b490g0Xnl7dOnEeKnADr5uUiEsvQR1E9EcAQgHea1vmefrQ2vIL7r3BIdCoZGvEUN%2BULs92UjSeJUVxLVx41OZ%2BWFfN7e8sgQs2Fkb6YGuAobB5Czyl8WevZMNnaG3Cz2hTQRPEB2Gkcbd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32352cb4f1f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH9EuSyYz8lzP8BhA6H3hwagvxZ04mzGnmsokiAlkViRFVzQAx7iZuRAc1%2Bj2%2BDbw7HvvunQYDRBj1UODz6ICLLerWeDi1OfWdD4T%2B9hM%2B9jcChy4XNpRiW5RyAtm9hwvJbS88Pk49VuqME%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32352eb7c1f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:01 GMT
hp
in.xr117.xyz/
382 B
635 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:01 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:02 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
726
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXCY0VZHIrxkCOkomQRoXc9bpZ8WYMUGIXtwHAUtkKmnVSOcd55Bt69MW5h19Kyh0Kos%2Fd49HBFEmiqObIgQBI2%2BO6wjSmfnHduWYFIqGWxwEGd%2F0C4lXz7RQm6cZO6Genyawe4l82JN5%2BaQdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32353585d1f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d557da70d84a705a3f6ea1e66d5ab3d28774e2deed68caa5ea617d84a97d73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:01 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.7954068549928017
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b6c7b2aba6b9176ec01f660cd2804bf59f2aadbf8c917c419e5e719ae53a9f9e

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:01 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:01 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:01 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
874
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9kwjS4jJadd9D9lN72zNLhqKqQCv%2BmvDksO29%2Bfc2gIjyIK5K%2Ba7hsprs3BI5xogrJNCF2u8oPBKd8atO0QiCvqaAajhbfM52lVm1RROd%2Bq984WaWVqnyaJEs7vDfo9wG%2FfhEJbl1z%2F8yA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d323538c961f15-FRA
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-language
en-US
sec-fetch-dest
empty
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUrRAY8d9BOnQ2qSL8Jq0mhlViTjiqFKodszdcFHYMZkARaF68HTqnuKHCtW01MqsDYIgqOk5fUmHuHymbs7pVkiGi5uAOF%2B5ku1Ce%2BtXAJt%2BrQHv3eDV9Id0kdH5ZjlS22TycnyQqqZq30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
67d32353bcfd1f15-FRA
82eab171-6401-424a-a230-0d019fdd3a3d
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/82eab171-6401-424a-a230-0d019fdd3a3d
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:02 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
5e7fa08589c21d4914373f7b894986f0744b15908d026504fa3dff4cb095b56d

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:02 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
591a11ec4aaefb356c5cf3fb33bbe07edfd21405c01aff48357b794c50bbf8ff
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:02 GMT
Server
nginx/1.19.10
Etag
d8568ca8-8ae0-4c83-8774-a56f35b0f63a
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:02 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:02 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:02 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
0
0

googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:02 GMT
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.7954068549928017
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.7345437782316764
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:01 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b191cb52e5cbb67b666e9c842dc953a6e6fc043582e37bbdc5d80896789d3de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51224
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:02 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
441
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
43
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
-FFUSiaSh1x0FMrIKrU4-C64D_Rkk9PkIa5l9h8D-jZ5fV9npEOVfA==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1777384632&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&gtm=2wg891MSK8GMG&z=1018911187
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63562
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.7204290563545468&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.9200088822490964
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
0-YkHnaoSB8mmTrBxPZsdqykQjeNqHsE0ss5QfSCMoik6MQ2HddUvw==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:01 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xr9LP5xVyGvzfgzbLHJgXkC8dZxgehSi2BSRSP4MXym7WnTe5l%2FLIOewk2poEpfj5vRFC8Dfs4YQXTqTdD%2FelDAKEaCJ6wF0gkPX4KkKdnWndNnbDPUTOLljDCOxGXGd7SVoex70bF9DBeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
cf-ray
67d32354decc1f15-FRA
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:02 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 895E
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
tXvb-qz3Q13MuRRAA3Zyyato5xA-QVztqLxcPX3rD2Xmgjq6gvE19A==
age
2135072
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4a9a95f3097fb664ea894e1d09f2072acd44696afa75cdf8132bdfd375e0e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
2
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E30VTTPGoewKO%2BFMkg8W5aFcAzZ2Gq0y9%2Bo43ef0HqXeFx%2FxQ1Xz5reGJ5Ao8mVmUbvKUXvXTOw6epw%2FTmo7blgPT5oKHAl%2BJHRt3iu2wFt97bA4VXhVwA2OAMJFfjaRYdE1DViih7MCJE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d323578be51f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3909
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2sOCdlWF2YKt%2F8RDfszW2XX53ZXrVfRshVi%2Fumxll0yBSB4VOISebJOF%2BuMqgAQSA%2BRJiNG5lBmJwwGMVbgMlJLAwDI2lH0rmpfxCrkpN%2Fqf%2FuTgii8QHsTxnFSsZ%2B78idHqaskEu3A7H0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323597fd11f15-FRA
flow.css
tgfunnls.org/css/
385 B
765 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3909
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1K46FIgS7zphVy5Bke1Gqpk7Q3ijDOmrlUaJzmAA%2BAOKLlOtTL3ooZkYlSicegpWBfs%2BCq%2FVAWZ%2FOyoIt9Wqxq%2FdhXhkdxmsIFfOWHs%2BimWm7vc4SvGzK6xes2TP2IeZoIyrK0Jha%2Bbdzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323597fd51f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:02 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1152
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dV4rsJvaGB1Wgu1KDDCT1tk2nB%2BlYqM1jjmAvoX8JtwmXeyjzwMSEYi8xqOyOBodgAFRWgULbqBTTEYK3C0yypX1yEDlT4L3IMwjYqyGjfA%2Bfu%2FOU5V5cIC0VFVKWiv%2FMdzsJ7SCx5FbHmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32359a8471f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3898
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tapyyS8z5HHNivc21ip%2BfYrrikiHVKZ04FBG5ThBoNGoEfwyviHCrpyOvY6pRENDWLofFg8aeI0s%2F8lRmtzt4ogGsdabVFArgBYQQz5bXZ9OItEdOlPuwFAukp8df9GBR4L8tYpsiHg5uw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d32359a84d1f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702462.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6InREbitTTlpTZStxdkJmRTVOdzVNb3c9PSIsInZhbHVlIjoiT3RrWVRnUm1nbmNOalNSRGhZZ0oxUDJvaVFWcjNmdCtEMFBjMFBYTEQ3WTk3N3RHRWFxamxDNGhLZGEyeGFWdSIsIm1hYyI6IjQ4NmI5YTE2NTI0Nzg4YjQ3NTQzYjczYjU3YWVkOTM5YWEwZTExY2Y0ZWM0YThiZTYwZDEzYjA3ZDIyZGI0NTAifQ%3D%3D; c=eyJpdiI6InFSbXpiNHBnY3RpRmhiQWllbjdaWWc9PSIsInZhbHVlIjoiQ3VtclBBZVZGUXZieGFNaFwvejF0bjl2SnA0UFhoenlBZG85Y01nbDNlRDZHdFpCU0MxbXR4blhLb0ptVjFuZmsiLCJtYWMiOiI3NWFlMDRiMTU3M2ZiYmM3YzNiZDQwOTcwZjM3YmI3ZTNlMjUxYzM5N2M1YWYzNzg2ZDcyOWVjNTE1YWY4NzU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkTy5S6dihmOkZNKOf334uv4Db%2BUl5JSEyIo7MkPPLKKeD8%2BuvVBxR1n1saTpH7AdRwYiQ6NfTRx4zvGWQPZ4p0GyMTLrulEiXu0RWtbqtdanHvwmQRaZiP5wYMPluHfhz3x4DOHPyWEnKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3235998111f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:02 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702462.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6InREbitTTlpTZStxdkJmRTVOdzVNb3c9PSIsInZhbHVlIjoiT3RrWVRnUm1nbmNOalNSRGhZZ0oxUDJvaVFWcjNmdCtEMFBjMFBYTEQ3WTk3N3RHRWFxamxDNGhLZGEyeGFWdSIsIm1hYyI6IjQ4NmI5YTE2NTI0Nzg4YjQ3NTQzYjczYjU3YWVkOTM5YWEwZTExY2Y0ZWM0YThiZTYwZDEzYjA3ZDIyZGI0NTAifQ%3D%3D; c=eyJpdiI6InFSbXpiNHBnY3RpRmhiQWllbjdaWWc9PSIsInZhbHVlIjoiQ3VtclBBZVZGUXZieGFNaFwvejF0bjl2SnA0UFhoenlBZG85Y01nbDNlRDZHdFpCU0MxbXR4blhLb0ptVjFuZmsiLCJtYWMiOiI3NWFlMDRiMTU3M2ZiYmM3YzNiZDQwOTcwZjM3YmI3ZTNlMjUxYzM5N2M1YWYzNzg2ZDcyOWVjNTE1YWY4NzU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3908
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhIt%2F59P%2BDKhEwaCkKGpWCTrpDzB8fpDpRPicgmwfrra31%2FS7IlBQ4u1b8V60DdWIBPCvxjkAbmd9XRSQkN9eorRRyzdPKqkW%2BJ3D6Ju8IpaknjRbdftsJfuiXkCCDKkiFh%2FROaBk3Yvoxw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32359a82a1f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702462.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6InREbitTTlpTZStxdkJmRTVOdzVNb3c9PSIsInZhbHVlIjoiT3RrWVRnUm1nbmNOalNSRGhZZ0oxUDJvaVFWcjNmdCtEMFBjMFBYTEQ3WTk3N3RHRWFxamxDNGhLZGEyeGFWdSIsIm1hYyI6IjQ4NmI5YTE2NTI0Nzg4YjQ3NTQzYjczYjU3YWVkOTM5YWEwZTExY2Y0ZWM0YThiZTYwZDEzYjA3ZDIyZGI0NTAifQ%3D%3D; c=eyJpdiI6InFSbXpiNHBnY3RpRmhiQWllbjdaWWc9PSIsInZhbHVlIjoiQ3VtclBBZVZGUXZieGFNaFwvejF0bjl2SnA0UFhoenlBZG85Y01nbDNlRDZHdFpCU0MxbXR4blhLb0ptVjFuZmsiLCJtYWMiOiI3NWFlMDRiMTU3M2ZiYmM3YzNiZDQwOTcwZjM3YmI3ZTNlMjUxYzM5N2M1YWYzNzg2ZDcyOWVjNTE1YWY4NzU5In0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcmU50StpkMcYwUjvdwLnBR%2Fww3BGvU6ihrcFc4NKVoFTZH0r6mbaDH3dL%2F%2BODDGOdLO2nzmnSXCKSQutdWGDpzPnY0EKNKnoKzSZrtYvwo0KtGtIHUnBR%2BnnEUtKfTQbkFkmb7xxtsPcHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32359a83f1f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:02 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:03 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:03 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
728
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA7vWtgdkZMvSlwy780U9FYiwX6pps32CFFJHYKHc1%2BusgGvdQWDmIc%2Be1j%2FnnSmMwlEf8fFkRBrQQ%2FmrimEr5k0pQ0%2Fzyoa427J1DZTxokIVl0p78t1uept0Zw6QN0SxJl4eHQHhVK%2BDcz18w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32359ac941f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2c723e5213b23f410648cd638cadddb95a3f7b8dcb0290a1084a8564b4bd94a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:02 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5116456442088639
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
643fd5bbba83df81d7964af5bf6a620be2a175918e69bf1e0bada49b3e4301a5

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:02 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:02 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:02 GMT
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe8a701e5552cb8f996388184dc59e2c3f04f37581d21fcfc1c4f50ddf04d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51222
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:03 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
442
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
44
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
teWQBkyctmHcJ_R_tDSTsHmzAN4GvL18Q7-GQvOpnSLM3Ys-f0RLig==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:03 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
7e763cc501286b0766a736b0a628d626cf986c276bef8130fb01c13c53d04215

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:03 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bb5bc599c39a5bca49c22d8610da6c0ad19fe37be691e55bf22f7592535d93bb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:03 GMT
Server
nginx/1.19.10
Etag
abc5b5e0-3af5-4965-913c-2661f15f8fc1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:03 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:03 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:03 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
0
0

googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:03 GMT
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5116456442088639
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.6667856018275591
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:02 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1070057115&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&gtm=2wg891MSK8GMG&z=685016157
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63563
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
locate
tgfunnls.org/
141 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea97b726590fe4a2287fc338a9ba11f11d1f9f20a68500a2832f2120b7f1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6InREbitTTlpTZStxdkJmRTVOdzVNb3c9PSIsInZhbHVlIjoiT3RrWVRnUm1nbmNOalNSRGhZZ0oxUDJvaVFWcjNmdCtEMFBjMFBYTEQ3WTk3N3RHRWFxamxDNGhLZGEyeGFWdSIsIm1hYyI6IjQ4NmI5YTE2NTI0Nzg4YjQ3NTQzYjczYjU3YWVkOTM5YWEwZTExY2Y0ZWM0YThiZTYwZDEzYjA3ZDIyZGI0NTAifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702462.0; XSRF-TOKEN=eyJpdiI6InREbitTTlpTZStxdkJmRTVOdzVNb3c9PSIsInZhbHVlIjoiT3RrWVRnUm1nbmNOalNSRGhZZ0oxUDJvaVFWcjNmdCtEMFBjMFBYTEQ3WTk3N3RHRWFxamxDNGhLZGEyeGFWdSIsIm1hYyI6IjQ4NmI5YTE2NTI0Nzg4YjQ3NTQzYjczYjU3YWVkOTM5YWEwZTExY2Y0ZWM0YThiZTYwZDEzYjA3ZDIyZGI0NTAifQ%3D%3D; c=eyJpdiI6InFSbXpiNHBnY3RpRmhiQWllbjdaWWc9PSIsInZhbHVlIjoiQ3VtclBBZVZGUXZieGFNaFwvejF0bjl2SnA0UFhoenlBZG85Y01nbDNlRDZHdFpCU0MxbXR4blhLb0ptVjFuZmsiLCJtYWMiOiI3NWFlMDRiMTU3M2ZiYmM3YzNiZDQwOTcwZjM3YmI3ZTNlMjUxYzM5N2M1YWYzNzg2ZDcyOWVjNTE1YWY4NzU5In0%3D; _ga=GA1.2.799450672.1628702457
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiJDoGrMGAsNxW97vAmgHZKkvvx3u1Wqu%2BnuE0muFCZnpGrpNM8gGvnvZ83BvmcpUJKf9XiY8K6uweMysUNeP1c2jCD6KwSI6ZTggg2TfFceAKn36nBd5S2CDaWAYfFEfrKpBu4TApi38Io%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkxVMWUrUmp4RmNkcE91Tk9FMUh2bXc9PSIsInZhbHVlIjoibWdBaDBveVZXNERIQ3orcmxQbWVyXC9jeDh6V0dwcWlEcEtTYUtxY0dwOWhBa2hXOW9jZzBjRCtBSEhSWUU0TGUiLCJtYWMiOiI3Zjc4MGE2YTQ2YzM2MzZmNjRhYzk2ZTJhNWFhNmIxODdhNzkxYTg2ZmVhNmQ1ZjFhYWNjY2NmMjllMzgwMDI2In0%3D; expires=Wed, 11-Aug-2021 19:21:03 GMT; Max-Age=7200; path=/ c=eyJpdiI6InhkZEtEaXcrYTYyRnAyaXlrU3N1dFE9PSIsInZhbHVlIjoiMHpPdlM4WE5KTTFtbk9sWU4yZ2tJOXh2bXVRNnRvT29VSWhhNnpSWTF3dmZxNWphUHRJYjhwV0doWXoxUVZwSSIsIm1hYyI6ImQzOTc3ZDUzMmFjNzkxZjUwYzM2ZWNkZjM2OTk3YzQwODFlMzJkNGYwNmMyOWU5NmU1Y2NiMDU3NDczZjU5ODEifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:03 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3235a69ae1f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702462.0; XSRF-TOKEN=eyJpdiI6InREbitTTlpTZStxdkJmRTVOdzVNb3c9PSIsInZhbHVlIjoiT3RrWVRnUm1nbmNOalNSRGhZZ0oxUDJvaVFWcjNmdCtEMFBjMFBYTEQ3WTk3N3RHRWFxamxDNGhLZGEyeGFWdSIsIm1hYyI6IjQ4NmI5YTE2NTI0Nzg4YjQ3NTQzYjczYjU3YWVkOTM5YWEwZTExY2Y0ZWM0YThiZTYwZDEzYjA3ZDIyZGI0NTAifQ%3D%3D; c=eyJpdiI6InFSbXpiNHBnY3RpRmhiQWllbjdaWWc9PSIsInZhbHVlIjoiQ3VtclBBZVZGUXZieGFNaFwvejF0bjl2SnA0UFhoenlBZG85Y01nbDNlRDZHdFpCU0MxbXR4blhLb0ptVjFuZmsiLCJtYWMiOiI3NWFlMDRiMTU3M2ZiYmM3YzNiZDQwOTcwZjM3YmI3ZTNlMjUxYzM5N2M1YWYzNzg2ZDcyOWVjNTE1YWY4NzU5In0%3D; _ga=GA1.2.799450672.1628702457
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
875
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGAs0NzvzWEPm9nc%2FaHnlSZO7Rfr4zMtSkL1JILgJtQgSwSYYvtPVF6BBv5W6tl9qHr8jgqFZ3cXsmOuxtiGfY7s4%2BwqGT2VK9mFOH%2FTq7R8CuEvcllBS4qbd1IhO53bYfvGMsln%2FNjDodU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3235a69af1f15-FRA
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:03 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:03 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:03 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:03 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
bbc239bb-8722-4dc8-a92d-aeea65486620
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/bbc239bb-8722-4dc8-a92d-aeea65486620
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
UJCflxc5hqiFuqEnYfxXBACLTXq6bKiKL0CAH6d5UCRZ3GxC_tvRKQ==
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.3963243112582562&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.8547986259686724
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:02 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 3AF9
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
if3n117pxtRK0E9opu8-LpLsD5HO6pviBX1-nh7KIOPZGMq78A9CeQ==
age
2135073
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:03 GMT
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IkxVMWUrUmp4RmNkcE91Tk9FMUh2bXc9PSIsInZhbHVlIjoibWdBaDBveVZXNERIQ3orcmxQbWVyXC9jeDh6V0dwcWlEcEtTYUtxY0dwOWhBa2hXOW9jZzBjRCtBSEhSWUU0TGUiLCJtYWMiOiI3Zjc4MGE2YTQ2YzM2MzZmNjRhYzk2ZTJhNWFhNmIxODdhNzkxYTg2ZmVhNmQ1ZjFhYWNjY2NmMjllMzgwMDI2In0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IkxVMWUrUmp4RmNkcE91Tk9FMUh2bXc9PSIsInZhbHVlIjoibWdBaDBveVZXNERIQ3orcmxQbWVyXC9jeDh6V0dwcWlEcEtTYUtxY0dwOWhBa2hXOW9jZzBjRCtBSEhSWUU0TGUiLCJtYWMiOiI3Zjc4MGE2YTQ2YzM2MzZmNjRhYzk2ZTJhNWFhNmIxODdhNzkxYTg2ZmVhNmQ1ZjFhYWNjY2NmMjllMzgwMDI2In0%3D; c=eyJpdiI6InhkZEtEaXcrYTYyRnAyaXlrU3N1dFE9PSIsInZhbHVlIjoiMHpPdlM4WE5KTTFtbk9sWU4yZ2tJOXh2bXVRNnRvT29VSWhhNnpSWTF3dmZxNWphUHRJYjhwV0doWXoxUVZwSSIsIm1hYyI6ImQzOTc3ZDUzMmFjNzkxZjUwYzM2ZWNkZjM2OTk3YzQwODFlMzJkNGYwNmMyOWU5NmU1Y2NiMDU3NDczZjU5ODEifQ%3D%3D
content-length
179
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2NT5XAza1pQm0LI%2B8sKXXVQa5MdvkvGjL64i4JR8mrWM7wt7xvdToMmGNIXNH%2BMRqC4T5NBibHSdP37L3sp%2BhxEsDbLB5fGiuV%2BPtMM1tY0BTIeHsrqaPIpj8jKfTr43BPpkOfVDMLUDoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlhmVzB4V2lpdDlQXC9LMjJqRmIwMjR3PT0iLCJ2YWx1ZSI6ImVDTTNGK2FGenFRRGNDTHlMYzJkXC81RmpLQ2pRNUw1cTl6MXA4N3I1R1VJcnpxZVlBc09BNUdQRzZ4cmNsMUlVIiwibWFjIjoiNTRlMTg3MjEwNDUyNzZiNWVjZTI0YWVkY2NjNjkzZWM0MjhiZDJkNTY2YTBkMGNiNzc5MDI1OWIxNGQ1MTAzZiJ9; expires=Wed, 11-Aug-2021 19:21:03 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ik5Rb2NjZndXWFNpUjh2bUM0Z0c2MGc9PSIsInZhbHVlIjoiZ2g0ZUxPbWp3dWRZb0crWFlaekpIcURnYlR0V09UcGFGN1F6TE0ybFFXdlZveHJUNnBaR0xEeWNFM0dIQnJkTSIsIm1hYyI6ImJjZDFmMGJkYzhmMjMzNzBhYWUxNWVkYTgyYTg0OTkxYjM2YjFmZDc5OTcwZjA5MGNjNzBjMDM1N2I2MzA1NWQifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:03 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3235b8bb31f15-FRA
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:03 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:03 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a028ea8b113dc43ba68a8977acf23c351c411349f0bd62e2eb54d82467b826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IlhmVzB4V2lpdDlQXC9LMjJqRmIwMjR3PT0iLCJ2YWx1ZSI6ImVDTTNGK2FGenFRRGNDTHlMYzJkXC81RmpLQ2pRNUw1cTl6MXA4N3I1R1VJcnpxZVlBc09BNUdQRzZ4cmNsMUlVIiwibWFjIjoiNTRlMTg3MjEwNDUyNzZiNWVjZTI0YWVkY2NjNjkzZWM0MjhiZDJkNTY2YTBkMGNiNzc5MDI1OWIxNGQ1MTAzZiJ9; c=eyJpdiI6Ik5Rb2NjZndXWFNpUjh2bUM0Z0c2MGc9PSIsInZhbHVlIjoiZ2g0ZUxPbWp3dWRZb0crWFlaekpIcURnYlR0V09UcGFGN1F6TE0ybFFXdlZveHJUNnBaR0xEeWNFM0dIQnJkTSIsIm1hYyI6ImJjZDFmMGJkYzhmMjMzNzBhYWUxNWVkYTgyYTg0OTkxYjM2YjFmZDc5OTcwZjA5MGNjNzBjMDM1N2I2MzA1NWQifQ%3D%3D

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:03 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D; expires=Wed, 11-Aug-2021 19:21:03 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d78N6pcCw1z3DlkpTuR25s3ffTHP40D%2F4cv7oytdhHFavtylfSBFCTNXLB0h52dJXaSBgd59cZVVnhKR0ns%2BTiL1a13qq%2BEm2BmwZHfXCCJmiYLIO%2BVwrhw0jVryNrepLNLT2xOFQH2b2wI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d3235d8f251f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:03 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3910
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSjFo7i%2FLfOaWISAS1UgNdxSiINbCAzkVGE8MHT%2BKzqJOThYak59%2FdWRFQgPLOK2x0AaXiB8%2BJQmeYYyFblnYwkUTtM4TPqtXom2FIt6%2BhcsVjxQA8dj08gEDDwRxBDzo%2FK%2Fk4Vqce4OEw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3235f8ae61f15-FRA
flow.css
tgfunnls.org/css/
385 B
759 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3910
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGPSv1pUHa%2BlgawotiVMkkHLzDWUPC4wCTXuyclQzp4wVki551bDbpLgkPUO94EGKse2XfWH4Yf2YHvznbOUWQHbdEW8QpT5cBobFI8TCNJUEZTtIUHcMcXBGa9%2Br4esAnZunm9fnALQBK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3235f8aea1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:03 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1154
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUEOvj0dMHJXHKzMaeC4DduuDyNmx9esP%2B%2FkFmhifeDzlwCYmDazI6OVIOWXUPYYkOrEzoM4zmhYy52pBqFUvsqAouf3vZiU2JO8H20aSiD9Ptd7ItelK2osCqe6JrUAqAMz4R1OeRXhaC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d323604c661f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3900
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZZ4kg4ks5CrSfI7Rr%2Bic8b6Ts3vmqkh5gGEP3OAy4gasWF2xuw5sx204Css5a3rfA7tEPjIX2BwlNvvq50cyp2lFLXE%2FQMUJrS5WIzEvVTmpLOsNh5V5gBKp7LA5EWqPf5nrbob5PL06pk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d323605c6d1f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDFiIO%2B%2BGaUeB2%2FR5WStBiTOadZxZv%2FJNalbFwAXQkfOwrlBeMkavno9WyxcfCFTooiSzLD0iMgcy%2BTzJ9F1FvzyuO4Sb4rRjHSBHUnh4rzIgjqVR7cXL5wyvoQKTchtfB%2BADhpn9MiivDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3235fbb421f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:03 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3909
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl6v3qZUTSB8MC87H4TVNZQMMK6szC57EqecvfMrN0YkCEOX5Co%2F2nLGliPJyDxkZTNXME9JWBJeYipou2hCK0MOdJcOrkmwhNanXPlmjBWJ%2BLsZnk22XS%2Bck9Anja%2FYDMn41B1%2F5Z4Fs5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3235fbb431f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702463.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IjNPb3Y1cUhyWkZEdXhuSjk3ZjNYSGc9PSIsInZhbHVlIjoiUnZPMEV1NjVjOXh1RVhucW9XODFmbDlxckZRQWtIMG5BT0hHeStpcFBuZEV2Q1NheTZrUHNKOUIrcDEzNVZjMSIsIm1hYyI6ImJjZDMwY2RjZDI1NDIwZGUxZGRmMmMwOGY0OGE1ZDc1ZTJiMDM4ZGYxYmQxMDQ1NWYwOTdkYTFlMjYyMGQ5NjMifQ%3D%3D; c=eyJpdiI6IkNGM3RIYUNrMExPR3JnRmk2NlY0MFE9PSIsInZhbHVlIjoiV0RrVFExWHpVVEtIU2RtdHRHbmQwcE5GSmFSbSsxZEtNdWpBS2tDUlRRXC9FTkRPWUVGY2VvS2xybGsxNjUwb2UiLCJtYWMiOiI3ZTQwNWMzNmEyODZkYTA5OGVjMjUwODEzYzhmMWI4Nzc1Mzk2OGRiYjcxMjI5ZTM4YTEzZDA3OTliZjg0NjIzIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxzT6b9lWE00Aagxg8QUgelJ7qD%2B4Ls03hJjeIEvfSBU7km7u0EABOQaGWz7ihLQjNZeMK9R8Ku1lYBy148lDn%2FdyVq8M2Dc5iJWeo5hGjbB%2BtQgaJ0aEtSdEJC8ldmq50FWeMM8iYRop5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3235feb8b1f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:04 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:04 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:04 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
729
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0nr3G7l5AbRl%2FmKaepuc%2FYje1YWyxBfnwpXmnSLGSDhrUITDM1BkU7j%2FcnAc79ZutEwP5u%2Fa5%2B5T5ylFhm6hX820evw70EcWVt15h6x4FunMES2Ndd80OHhX1R7YW33y6Oj1%2BM%2BXTCo9E9BeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d323605af81f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed95f3797361e43a39871b0e447c287ea998e3b7abdfbae6e58ed0cbbb1ac115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42028
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:04 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.44060835187503167
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
8dd89f979e28205b31f0e85572f5fedc18942388acaac47fbdda85861897d27c

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:03 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:04 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:04 GMT
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-language
en-US
sec-fetch-dest
empty
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K%2BaLs3fGBAWDe%2B%2BTDSbdkZGGRi91vvkIEMx23DfQOeMQr8U9UkfwrnlxOPKWGyFHUA9H9LpFiB59MgRDhO%2F8EGzsbUx5OeeKnwr3BVNIifxiqXvsj3HVv1TMBm8e4qS6lgDGfWRQuKZSGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkMyVm9NWHZ5M1g5eStaUEpvdllObUE9PSIsInZhbHVlIjoiRmtYaWZraVRzRnRKR2xiVEdISHJ5d2pcLzhIOHh1aFNkbEtIRlhlcklVcDh3SHVhS0pMQVdSTHRrejRLb3dQbnciLCJtYWMiOiJlZTYwYWU4MjBiZTBiMTBhODc0OTYxN2MzOGZkODViOTBlMDQ2M2NlNTA1MmZiYTg2MjNmNTA2NTJiOWYxOGU2In0%3D; expires=Wed, 11-Aug-2021 19:21:04 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ik83ZUo2b1NKNW1mNWlQQ2dSaCtPdWc9PSIsInZhbHVlIjoiMlpKaFE4VlwvQUNVWVVnYzJHSVdmcVwvZGlBcDJLWmxvZkk0cmdYWkVEbjNXRlJJNks4WEFCZmkrdnFLRFwvY0lpNyIsIm1hYyI6IjU2ZmExZjc3Njg2YWJmMDgyNzkyZDM5MzljMGM5MzA2YjIwYTkwNTZiMDM4NjRiMWIzZGE2YTNjNGNkYTMwYjIifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:04 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d32360acf91f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
876
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kY%2F6vZJ8i6F%2BBX6Ln6hx9I3jwO%2FjHrREowNctR%2BeAOJ%2BxTk%2BfBUVpysU2BBVwLn8O51XoL5aunzo4twiT55WVQUBfjNpgYSwiejf8inKnEheANXdIQvomJPMP99ZKPdcPOPeoWWjw5XQrbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32360acfc1f15-FRA
76901894-460f-4457-b272-1f502381b7a4
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/76901894-460f-4457-b272-1f502381b7a4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:04 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
bf19e9d166223b61f9bc5cf5f83a580cf4ef82ee7e99e26a59413c07628b8d54

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:04 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
542 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
64ed5a52ad61d130e81e7f061fbb7df681fb3781f6a0af5779b3d250c3c92cc5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:04 GMT
Server
nginx/1.19.10
Etag
268cbc76-33e5-4375-82c6-dc9aa4066b36
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:04 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:04 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:04 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
0
0

googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:04 GMT
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.44060835187503167
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=DC5A9B90982F6BE0567FAC8CFE974E4DF&h=8224a7fb2c249cd1afe136e4f689fcca&t=false&r=0.8365845782596126
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:03 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:04 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:04 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54972390dbaf659b943502bd6ef8dd2b6d1b65a8b8fe1b1aa0bf2a51783054de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51223
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:04 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
443
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
45
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
TUb622DiuSA4Zm3x50nfBC0usmZcixAv7nntlzk1pwDk83sL75l08w==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:04 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:04 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=706538002&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=799450672.1628702457&tid=UA-192660002-1&_gid=1581743151.1628702457&gtm=2wg891MSK8GMG&z=462718801
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63564
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.10491986238044237&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.5411349257376934
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
hlAeFXsvCNWH4De4eCZqlB5R1WehsAZ38zGVNlXQazOOVyDuxvCyew==
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IkMyVm9NWHZ5M1g5eStaUEpvdllObUE9PSIsInZhbHVlIjoiRmtYaWZraVRzRnRKR2xiVEdISHJ5d2pcLzhIOHh1aFNkbEtIRlhlcklVcDh3SHVhS0pMQVdSTHRrejRLb3dQbnciLCJtYWMiOiJlZTYwYWU4MjBiZTBiMTBhODc0OTYxN2MzOGZkODViOTBlMDQ2M2NlNTA1MmZiYTg2MjNmNTA2NTJiOWYxOGU2In0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=DC5A9B90982F6BE0567FAC8CFE974E4DF|8224a7fb2c249cd1afe136e4f689fcca; _gid=GA1.2.1581743151.1628702457; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=d9279559-dc07-48f0-ac89-f76a8b94c8ce; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702457.1.1.1628702464.0; _ga=GA1.1.799450672.1628702457; XSRF-TOKEN=eyJpdiI6IkMyVm9NWHZ5M1g5eStaUEpvdllObUE9PSIsInZhbHVlIjoiRmtYaWZraVRzRnRKR2xiVEdISHJ5d2pcLzhIOHh1aFNkbEtIRlhlcklVcDh3SHVhS0pMQVdSTHRrejRLb3dQbnciLCJtYWMiOiJlZTYwYWU4MjBiZTBiMTBhODc0OTYxN2MzOGZkODViOTBlMDQ2M2NlNTA1MmZiYTg2MjNmNTA2NTJiOWYxOGU2In0%3D; c=eyJpdiI6Ik83ZUo2b1NKNW1mNWlQQ2dSaCtPdWc9PSIsInZhbHVlIjoiMlpKaFE4VlwvQUNVWVVnYzJHSVdmcVwvZGlBcDJLWmxvZkk0cmdYWkVEbjNXRlJJNks4WEFCZmkrdnFLRFwvY0lpNyIsIm1hYyI6IjU2ZmExZjc3Njg2YWJmMDgyNzkyZDM5MzljMGM5MzA2YjIwYTkwNTZiMDM4NjRiMWIzZGE2YTNjNGNkYTMwYjIifQ%3D%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHRnfMSTGjfZ78rFSuHlepCj8GTlRXzBv0yGCWB3PREy6tlDKb58bS%2FxSqDFLfcog8xzSrJLk0%2BOpMvCrXWm41%2BMnFHoym%2Bu3wR0FANFeEACftdLszF%2BekufnqvJp61st8%2FiQpPNbSQLwLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im1QYXR1V0l2djVwZVc4clArRitpSFE9PSIsInZhbHVlIjoiTkhUZU5lUTFhSTI4KzJIR001b2dtbDJHY0xsTGp6ditYSExQQWE2ZTlENmxQRngrZUQxUndTNHZHM0U1N1lldSIsIm1hYyI6IjQ1OWRkYTQzZTFmNTk3YjMzYzQyOTNkMmQwZjNjMmM0OWEzMjUzYzRiMTRmYTIxNGE1MGU1NjNmODIxODg0NTAifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:04 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlBHV3NwbmxUTlJCSUh5WUpQbnQyemc9PSIsInZhbHVlIjoibVREbVFOamJSVDVNNUpSXC8zUW9wNlwvdlpyOU1rZnB1amJxS0VTVnFPdHZXWU9sQ0o0Z2owWXQ0REhFSTdHcUJGIiwibWFjIjoiYmE2MWM1NjIwY2RkYzQ2Yzc1NDczZDRlNzhmOGJiZjBkMGU1NjRlZmUwOTY3MjQyYzcyOTc4NDMxOWJkMWY4ZiJ9; expires=Wed, 11-Aug-2021 19:21:04 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d32361ced21f15-FRA
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:03 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:04 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 06D8
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
c49BtYAesPHuvoyrEPbSIsx8Z7NGR2wx6V3hnleTMSBcndxZJfrHow==
age
2135074
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:04 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:04 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2239b54d29a04c8522924e081d31ed1a123db4792b3fbc2fff84f66528e4974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ikl2WFd2cXYwK0FqT0hEM2FDWVRjOUE9PSIsInZhbHVlIjoiMDVxUW5xK2FmYzNrdnRreXM2NVVpVTNqSit3VWp0T1p5Mnl5eGZhVkhsNXBIRDM0ZkNBU2pwREVmZzlvbm5ubSIsIm1hYyI6IjM1NjQ5OGNiMGZkMWQ5MjA5NzYyMzg1ZjY0OGE5OGMwYWZkYzJiN2JhN2M2ZTAyMDM0MzhhMTBiYzllNjZmNWQifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:04 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkdwNTZMZW5IdE1nbDE0czIzb1FxV1E9PSIsInZhbHVlIjoidjA4d3BRVXR6TnFDSjhNXC9CZW1qVTRqWVwvOGhDSDhQUzlBeTdlVnNvb25kZHQ1WUZGS2NLRTV2bEhEb2k2UFwvdCIsIm1hYyI6ImYzNDhhMjEwYTk5N2RmMzAxMDE2ZGMwODJlM2NkNjAyYzNjZWY0MjMwMGZjMDVkYjRmYmRlZDI1N2RkM2Q2YWEifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:04 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHr%2FRHgy9DhFO%2BCpk25qygH4Kq1s9xRR6BUFWE3RpSrzbE4%2BbTwSdgEtc%2BhVoAttJxM%2FSML8VmepCN%2BrBxWGiC0CsesSUaiomH9xWg8l7ZMeNNq1eVVx26LTitSMCazHxJDuf9sLBsPa%2FCY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d323647e192b89-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
537 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:04 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ikl2WFd2cXYwK0FqT0hEM2FDWVRjOUE9PSIsInZhbHVlIjoiMDVxUW5xK2FmYzNrdnRreXM2NVVpVTNqSit3VWp0T1p5Mnl5eGZhVkhsNXBIRDM0ZkNBU2pwREVmZzlvbm5ubSIsIm1hYyI6IjM1NjQ5OGNiMGZkMWQ5MjA5NzYyMzg1ZjY0OGE5OGMwYWZkYzJiN2JhN2M2ZTAyMDM0MzhhMTBiYzllNjZmNWQifQ%3D%3D; c=eyJpdiI6IkdwNTZMZW5IdE1nbDE0czIzb1FxV1E9PSIsInZhbHVlIjoidjA4d3BRVXR6TnFDSjhNXC9CZW1qVTRqWVwvOGhDSDhQUzlBeTdlVnNvb25kZHQ1WUZGS2NLRTV2bEhEb2k2UFwvdCIsIm1hYyI6ImYzNDhhMjEwYTk5N2RmMzAxMDE2ZGMwODJlM2NkNjAyYzNjZWY0MjMwMGZjMDVkYjRmYmRlZDI1N2RkM2Q2YWEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3912
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1YeqI3xV0JmcHHTs7Uagey2lTKZH%2B0qvTFCfnKNoiTBoXEAUIBApsC1wBbV0NAOQId8KcghbCOi1PmbkHrt3pMRmxH7C72aUyza%2FEyXrizIZykMyA%2FerTpY3v3tbCgbg1KqmeEM1L%2FNXvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323667f201f15-FRA
flow.css
tgfunnls.org/css/
385 B
764 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ikl2WFd2cXYwK0FqT0hEM2FDWVRjOUE9PSIsInZhbHVlIjoiMDVxUW5xK2FmYzNrdnRreXM2NVVpVTNqSit3VWp0T1p5Mnl5eGZhVkhsNXBIRDM0ZkNBU2pwREVmZzlvbm5ubSIsIm1hYyI6IjM1NjQ5OGNiMGZkMWQ5MjA5NzYyMzg1ZjY0OGE5OGMwYWZkYzJiN2JhN2M2ZTAyMDM0MzhhMTBiYzllNjZmNWQifQ%3D%3D; c=eyJpdiI6IkdwNTZMZW5IdE1nbDE0czIzb1FxV1E9PSIsInZhbHVlIjoidjA4d3BRVXR6TnFDSjhNXC9CZW1qVTRqWVwvOGhDSDhQUzlBeTdlVnNvb25kZHQ1WUZGS2NLRTV2bEhEb2k2UFwvdCIsIm1hYyI6ImYzNDhhMjEwYTk5N2RmMzAxMDE2ZGMwODJlM2NkNjAyYzNjZWY0MjMwMGZjMDVkYjRmYmRlZDI1N2RkM2Q2YWEifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3912
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TyddEaVgvEQS8WP4MSIimYwe20ifZ1d4S3pfULpkStphsaOhyfU4DjfEXfIC6JKrvkSBufXUN5GauMHDwZIuXt6g6vYHFu4sV%2BW0%2F5Lnj%2BwCrWgEc9vYIUwqBdmgNYTPDIz1%2FWq%2FIpIhI8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323667f211f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:05 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1155
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BNQO6Me37WQTWBWtKKbYF26ECAVHuv5IaITYwhS9UErS%2F6qLrVfv0mnfvNGAjf816ERYkhqUZEzovZ25joAaGwjZZ1XlPHwyDkCkliCk6nRSYeHduQJxjwToKsODZhG7cbr3q2c4%2BPepcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32366bf891f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3901
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPqiZj7hhRZHAkR%2BGQwL6pTnUYi57UTgIUR3pXoxO6SJKAHt%2BsQlwgpVGcIGM%2FGYAPlKGR0tPPJnxI3v9KUWH2pbc1w9edEEFKnWmdvy3xly%2FDPOvqgcD7rRcxmbYJr6ja4EyIjRL%2FYEXlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d32366bf8d1f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoYriBE12JcRkyVL%2BhDBV%2BpESYqobvF2XfgYyIVbOxvcm8M6UPItLFqM2Q8P82nVrn4cYqafLa5V%2Bb7xIDytwzg839Pf6iQ1GTSr04OTi%2BZcp56MRULBpQ1r5rIEXmev%2FhnQwjZrIwyiI30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32366af691f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:05 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
XSRF-TOKEN=[value omitted]; c=[value omitted]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3911
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6SP5aqTPvZ6LmuhFaoUPI2B7ilBXv0teanRViTEkqaH10PmTxGrEI6K90LS%2BRlFNrYzyc9dDf5hUnSElq7Flok3%2BLBfCwNd2GXbuw%2BLuNhD9su88vf9qtzkd%2B1TblmMthEBuLqoZ%2FCmk5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32366af7c1f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
XSRF-TOKEN=[value omitted]; c=[value omitted]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgx%2B%2BGTk70AAYixv50W27fkIx7Q6caIWJzBBUfOMeajolscpGyXSuWaQFi1wWD3tVffhOeIHNNlSkZHRIZ9J4SWdg435ZFycq%2BPRt%2FlS61LpTGd3SbEc4bAum9SacVK2c7HnJlHRVsBVc8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32366af871f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:05 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:05 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:05 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
730
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cs6VrM3fV3d3NfCCE1xb9F1ZupzkqVaE9vwt8EA%2BVleJLx9YJ4l11alpIpWBxVgvbd0jBYooc2aAoij04ZtEBCKgr2PzHIcpe7vTAGiJv2dljJFuKk8P6zkHUk62vcN7%2BTGJK%2FAlhwpVkf2rQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32366bf2e05cc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed95f3797361e43a39871b0e447c287ea998e3b7abdfbae6e58ed0cbbb1ac115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42028
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:05 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.4587373949656879
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
252ebdc3ba603da3041ff75b8ecab4bcd8e971b572e454c1bd2b3b3fc681c94e

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:04 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:05 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:05 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
12b210ddc01023a60b5644a93c3e91e8e205e458b42c590bfcc157b5a8173f78

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:05 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
eb261b3b20d1b06236dbf94b20690a87b01f022bbb1cf294c883720c6ba00602
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:05 GMT
Server
nginx/1.19.10
Etag
0985314a-d28d-4b74-a8ab-5721f6b02b59
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:05 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:05 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:05 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
0
0

googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:05 GMT
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe8a701e5552cb8f996388184dc59e2c3f04f37581d21fcfc1c4f50ddf04d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51222
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:05 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
444
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
46
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
KLowc-IiwgFPsNHOvGs2si2MmwfbiRNwT8bH7uKxO76ZbToz1m2aoQ==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.4587373949656879
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D591E9BA78133DD1836C43142E2B35DD3&h=b8cc1a348164eebbfad543469dbd91fb&t=false&r=0.8521488832908821
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:04 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Ikl2WFd2cXYwK0FqT0hEM2FDWVRjOUE9PSIsInZhbHVlIjoiMDVxUW5xK2FmYzNrdnRreXM2NVVpVTNqSit3VWp0T1p5Mnl5eGZhVkhsNXBIRDM0ZkNBU2pwREVmZzlvbm5ubSIsIm1hYyI6IjM1NjQ5OGNiMGZkMWQ5MjA5NzYyMzg1ZjY0OGE5OGMwYWZkYzJiN2JhN2M2ZTAyMDM0MzhhMTBiYzllNjZmNWQifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
XSRF-TOKEN=eyJpdiI6Ikl2WFd2cXYwK0FqT0hEM2FDWVRjOUE9PSIsInZhbHVlIjoiMDVxUW5xK2FmYzNrdnRreXM2NVVpVTNqSit3VWp0T1p5Mnl5eGZhVkhsNXBIRDM0ZkNBU2pwREVmZzlvbm5ubSIsIm1hYyI6IjM1NjQ5OGNiMGZkMWQ5MjA5NzYyMzg1ZjY0OGE5OGMwYWZkYzJiN2JhN2M2ZTAyMDM0MzhhMTBiYzllNjZmNWQifQ%3D%3D; c=eyJpdiI6IkdwNTZMZW5IdE1nbDE0czIzb1FxV1E9PSIsInZhbHVlIjoidjA4d3BRVXR6TnFDSjhNXC9CZW1qVTRqWVwvOGhDSDhQUzlBeTdlVnNvb25kZHQ1WUZGS2NLRTV2bEhEb2k2UFwvdCIsIm1hYyI6ImYzNDhhMjEwYTk5N2RmMzAxMDE2ZGMwODJlM2NkNjAyYzNjZWY0MjMwMGZjMDVkYjRmYmRlZDI1N2RkM2Q2YWEifQ%3D%3D; _vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT%2FcP%2Bm%2B3hVhM9lslYXas5ptuaGmPi6dv1%2FDbIrmPi3CD3kNWVCZeg4U6Qmp4kskaSEGysiqCTfJcyuuQhHYoxgW1poh0N2PmLWU5vwPT%2FR9YL1T7%2BOhDtsFoQb9FlZaRawAPHzSuIdTO2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ilo4Nnl2KzB6VUlDbEVmMENxd29jSHc9PSIsInZhbHVlIjoiMzdQMWJOMVo1YjJSY0o0dTJYSHJVV1wvb0ZoUEt2bkgrRHZ3MVRBbE5EeVdtMU5VTERDQk42cGR2ZFZEbmtqbDMiLCJtYWMiOiJkMTE5YmZmOTM5ZjZiYTg3MDljZGMxOWM0ZjhlMjU3MTRjYmM5NDI4Zjc0YjZhZjcxMzRhZTcxZWUyNDU4YmUwIn0%3D; expires=Wed, 11-Aug-2021 19:21:05 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlNVdElqYzJSWExydUlTcnlKZldacFE9PSIsInZhbHVlIjoiRERHTGdLY3dtdzl5SGM1TFNPbXlidStEZVlWZVJ6UHY5d25WTUJkc09RMFN4UjZ1XC94RWM5Z3BMb2VDbWtCWEEiLCJtYWMiOiIyMzFkMWJmMmRkM2MwMGRiZGE5NmE4N2E0MjBlMTk2NDBjOTlkZjgwNWM0N2YyYzU5ZDE3NTVmZWMzYzRjYmU4In0%3D; expires=Wed, 11-Aug-2021 19:21:05 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3236788fe1f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Ikl2WFd2cXYwK0FqT0hEM2FDWVRjOUE9PSIsInZhbHVlIjoiMDVxUW5xK2FmYzNrdnRreXM2NVVpVTNqSit3VWp0T1p5Mnl5eGZhVkhsNXBIRDM0ZkNBU2pwREVmZzlvbm5ubSIsIm1hYyI6IjM1NjQ5OGNiMGZkMWQ5MjA5NzYyMzg1ZjY0OGE5OGMwYWZkYzJiN2JhN2M2ZTAyMDM0MzhhMTBiYzllNjZmNWQifQ%3D%3D; c=eyJpdiI6IkdwNTZMZW5IdE1nbDE0czIzb1FxV1E9PSIsInZhbHVlIjoidjA4d3BRVXR6TnFDSjhNXC9CZW1qVTRqWVwvOGhDSDhQUzlBeTdlVnNvb25kZHQ1WUZGS2NLRTV2bEhEb2k2UFwvdCIsIm1hYyI6ImYzNDhhMjEwYTk5N2RmMzAxMDE2ZGMwODJlM2NkNjAyYzNjZWY0MjMwMGZjMDVkYjRmYmRlZDI1N2RkM2Q2YWEifQ%3D%3D; _vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
877
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coYBEiG2Uj7CbDcMKxIyMN9RED9N4ZhTt13msWAvKbhMayRioN%2F7iubN7E2UHZXI3HtnG%2BDTTGRw%2FBuHyj%2FCmqPqAEfGOniE%2B7F%2FF9lzbuifK%2B1AynsIYLru2AYWKfc%2Bf6v8rydpSn56cfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3236789011f15-FRA
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:05 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:05 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
3b96d9db-2ecd-492e-b4b4-a1e636dac310
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/3b96d9db-2ecd-492e-b4b4-a1e636dac310
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:05 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:05 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1548291749&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1124571360&gjid=190820648&cid=1774276706.1628702465&tid=UA-192660002-1&_gid=1730464773.1628702465&_r=1&gtm=2wg891MSK8GMG&z=505381205
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=1548291749&sr=1600x1200&ul=en-us&cid=1774276706.1628702465&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702465&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.828239778087293&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
jhVnjMTiCsPsYfHeTEWoq2r8i7bPj2_Xwm8wdZ7IsYcFDkno1gwWKA==
collect
stats.g.doubleclick.net/j/
4 B
86 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-192660002-1&cid=1774276706.1628702465&jid=1124571360&gjid=190820648&_gid=1730464773.1628702465&_u=YEBAAEAAAAAAAC~&z=2011912318
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 11 Aug 2021 17:21:05 GMT
content-type
text/plain
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.3024341684381515
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:04 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=1774276706.1628702465&jid=1124571360&_u=YEBAAEAAAAAAAC~&z=1210918249
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-192660002-1&cid=1774276706.1628702465&jid=1124571360&_u=YEBAAEAAAAAAAC~&z=1210918249
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:05 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 47AF
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
NSg6tPh6okvLbE03oW2-zXhUJAe9NOyALlbXqpwuoy1PniGmA5YIOg==
age
2135075
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6Ilo4Nnl2KzB6VUlDbEVmMENxd29jSHc9PSIsInZhbHVlIjoiMzdQMWJOMVo1YjJSY0o0dTJYSHJVV1wvb0ZoUEt2bkgrRHZ3MVRBbE5EeVdtMU5VTERDQk42cGR2ZFZEbmtqbDMiLCJtYWMiOiJkMTE5YmZmOTM5ZjZiYTg3MDljZGMxOWM0ZjhlMjU3MTRjYmM5NDI4Zjc0YjZhZjcxMzRhZTcxZWUyNDU4YmUwIn0=
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.0.1628702465.0; _ga=GA1.1.1774276706.1628702465; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6Ilo4Nnl2KzB6VUlDbEVmMENxd29jSHc9PSIsInZhbHVlIjoiMzdQMWJOMVo1YjJSY0o0dTJYSHJVV1wvb0ZoUEt2bkgrRHZ3MVRBbE5EeVdtMU5VTERDQk42cGR2ZFZEbmtqbDMiLCJtYWMiOiJkMTE5YmZmOTM5ZjZiYTg3MDljZGMxOWM0ZjhlMjU3MTRjYmM5NDI4Zjc0YjZhZjcxMzRhZTcxZWUyNDU4YmUwIn0%3D; c=eyJpdiI6IlNVdElqYzJSWExydUlTcnlKZldacFE9PSIsInZhbHVlIjoiRERHTGdLY3dtdzl5SGM1TFNPbXlidStEZVlWZVJ6UHY5d25WTUJkc09RMFN4UjZ1XC94RWM5Z3BMb2VDbWtCWEEiLCJtYWMiOiIyMzFkMWJmMmRkM2MwMGRiZGE5NmE4N2E0MjBlMTk2NDBjOTlkZjgwNWM0N2YyYzU5ZDE3NTVmZWMzYzRjYmU4In0%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5pieN4VvGNeJ4jnhrLsVu6B39NJ014tHJaS7bNcIx4fnAo%2BOE5wlrNiUieX%2F7wTk0EAh%2F%2BXdhZ%2FigovFtmvZuiMiBiQix2oz03fgNwsINnXcr7zcLyfG59a2%2FhymZD0o2TtmGNKqq%2FL7Is%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IkFZa2h6QTd5cWltVXBBT2dHRmRvVUE9PSIsInZhbHVlIjoiV2ZTMDNTSVhTR2dnblhwMUR4WDgraHhRZTd1VGZPcW1jcjcxSnJJc3ZiZmFRSzZ2WW5RelVwZzVoTkk4MitnSCIsIm1hYyI6IjI1YTMyMjhlMDU1YjQyYWJlZGM3ZDg3OGUzMDQwMzc1M2E1NWFmYjUwZTIyNmEzYzZjZmZlMzc4MzEwODgwYjEifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:05 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ik13UFNxNFA4TmxSN2F5UE5OXC9ZMXFnPT0iLCJ2YWx1ZSI6IkJwSXJZK1ZENGRsbFFkVFJ0TnB0QlBaU1dcL05uVDNEWFBZdnRoWERBdXRkczVzSTFPMGtMNTF5VUYzZFJsWHQ0IiwibWFjIjoiMWUyZDA5ZDYyNzIzZTIxZjgxYWQ5OGY3MjNkZWNlYzlmOTk5YWRkMDljMGYxZmM4YzYzNjYyMzAzMWZkZGU1OSJ9; expires=Wed, 11-Aug-2021 19:21:05 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d32368eba51f15-FRA
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:05 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:05 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b621788dfc11927d8234bba6f61286d13de6ccf831033c6e689f19303ec88ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.0.1628702465.0; _ga=GA1.1.1774276706.1628702465; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6Ilo4Nnl2KzB6VUlDbEVmMENxd29jSHc9PSIsInZhbHVlIjoiMzdQMWJOMVo1YjJSY0o0dTJYSHJVV1wvb0ZoUEt2bkgrRHZ3MVRBbE5EeVdtMU5VTERDQk42cGR2ZFZEbmtqbDMiLCJtYWMiOiJkMTE5YmZmOTM5ZjZiYTg3MDljZGMxOWM0ZjhlMjU3MTRjYmM5NDI4Zjc0YjZhZjcxMzRhZTcxZWUyNDU4YmUwIn0%3D; c=eyJpdiI6IlNVdElqYzJSWExydUlTcnlKZldacFE9PSIsInZhbHVlIjoiRERHTGdLY3dtdzl5SGM1TFNPbXlidStEZVlWZVJ6UHY5d25WTUJkc09RMFN4UjZ1XC94RWM5Z3BMb2VDbWtCWEEiLCJtYWMiOiIyMzFkMWJmMmRkM2MwMGRiZGE5NmE4N2E0MjBlMTk2NDBjOTlkZjgwNWM0N2YyYzU5ZDE3NTVmZWMzYzRjYmU4In0%3D

Response headers

date
Wed, 11 Aug 2021 17:21:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImdxWDQ2ZzRGemdpZXU0SHNzSEZqWFE9PSIsInZhbHVlIjoiU1RoWnpLS1Z1Y0NoRWliSFQ0R3VWRmJ4bXNLYVNtU28zSTNjVWVvODFCOE50dTRscWY4Zm5EUmZXaElXbHVBWCIsIm1hYyI6ImNlNGEzYTg1NjVhMDcyMjY1ZWJhYTc3NTIyZjE1NTI3OWI4NzE1NDc2NGExNjc0NmVjNTJlNjJiMmE3NDhlYTEifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:05 GMT; Max-Age=7200; path=/ c=eyJpdiI6Ijh4eDI5T3VBWlY1bEdXbWpKRWlzWmc9PSIsInZhbHVlIjoiSlUwRjFoZDVWa01cL1hQNDNxSWpnMmtvSnIyRFwvM29lV2hweTU5WVwvN1pHWDdqZVhHemM2WUlEY056aTRtRk5yaiIsIm1hYyI6ImMyOWVmNGNiNGFlMjRkNjBhMGU0NDI5ZDc5NzY3MWJjYjNmMDEwZWI1MzU3NTExN2UxMjI0YTU2Yzg5ZDc5Y2YifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:05 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eH6WRGcX5xEJjfmJ5neh%2BYOWSQKGWj5Ym01Ji4s%2F%2FGMJxMfUe0BAbPi6xY6iQ1ylf4gttLgtrsWvJB6puTAcrVUh5w7s4lNPWq%2FMWVbj81u%2BogrUM%2Bf%2BCc%2FqftHg38mqkWcJ%2B8Z%2BR3y8lM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d3236a6dfd1f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:05 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.0.1628702465.0; _ga=GA1.1.1774276706.1628702465; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6ImdxWDQ2ZzRGemdpZXU0SHNzSEZqWFE9PSIsInZhbHVlIjoiU1RoWnpLS1Z1Y0NoRWliSFQ0R3VWRmJ4bXNLYVNtU28zSTNjVWVvODFCOE50dTRscWY4Zm5EUmZXaElXbHVBWCIsIm1hYyI6ImNlNGEzYTg1NjVhMDcyMjY1ZWJhYTc3NTIyZjE1NTI3OWI4NzE1NDc2NGExNjc0NmVjNTJlNjJiMmE3NDhlYTEifQ%3D%3D; c=eyJpdiI6Ijh4eDI5T3VBWlY1bEdXbWpKRWlzWmc9PSIsInZhbHVlIjoiSlUwRjFoZDVWa01cL1hQNDNxSWpnMmtvSnIyRFwvM29lV2hweTU5WVwvN1pHWDdqZVhHemM2WUlEY056aTRtRk5yaiIsIm1hYyI6ImMyOWVmNGNiNGFlMjRkNjBhMGU0NDI5ZDc5NzY3MWJjYjNmMDEwZWI1MzU3NTExN2UxMjI0YTU2Yzg5ZDc5Y2YifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3913
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul2drDsCduhL7XmRxuooks3UFFM01YIwI0UE2gIRWsTF50wEppCtmM0nNo1n510g8Gbtu2jXfDU2QIad88bEj7WSi7IAV6LGo9vM7he9U1Y7cw4ccOdJdCzCriM1mYFpiRJY26Y%2BTabf9Z0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3236c9a261f15-FRA
flow.css
tgfunnls.org/css/
385 B
763 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.0.1628702465.0; _ga=GA1.1.1774276706.1628702465; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6ImdxWDQ2ZzRGemdpZXU0SHNzSEZqWFE9PSIsInZhbHVlIjoiU1RoWnpLS1Z1Y0NoRWliSFQ0R3VWRmJ4bXNLYVNtU28zSTNjVWVvODFCOE50dTRscWY4Zm5EUmZXaElXbHVBWCIsIm1hYyI6ImNlNGEzYTg1NjVhMDcyMjY1ZWJhYTc3NTIyZjE1NTI3OWI4NzE1NDc2NGExNjc0NmVjNTJlNjJiMmE3NDhlYTEifQ%3D%3D; c=eyJpdiI6Ijh4eDI5T3VBWlY1bEdXbWpKRWlzWmc9PSIsInZhbHVlIjoiSlUwRjFoZDVWa01cL1hQNDNxSWpnMmtvSnIyRFwvM29lV2hweTU5WVwvN1pHWDdqZVhHemM2WUlEY056aTRtRk5yaiIsIm1hYyI6ImMyOWVmNGNiNGFlMjRkNjBhMGU0NDI5ZDc5NzY3MWJjYjNmMDEwZWI1MzU3NTExN2UxMjI0YTU2Yzg5ZDc5Y2YifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3913
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIGEdzjceUoaOpAvHh6i6Cc03%2FUVKlbYAh9wDNT0%2FiGgZC9B1fEGDuuNoFBR%2FJkiilHXCQvSb%2FFqVjJC2NLJK2TYusemziwh2XsgaxcvE2yXJyLC0guy4%2FXvM2PAQgX8WS7PjymdViDboyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3236c9a2b1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:06 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.0.1628702465.0; _ga=GA1.1.1774276706.1628702465; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6ImdxWDQ2ZzRGemdpZXU0SHNzSEZqWFE9PSIsInZhbHVlIjoiU1RoWnpLS1Z1Y0NoRWliSFQ0R3VWRmJ4bXNLYVNtU28zSTNjVWVvODFCOE50dTRscWY4Zm5EUmZXaElXbHVBWCIsIm1hYyI6ImNlNGEzYTg1NjVhMDcyMjY1ZWJhYTc3NTIyZjE1NTI3OWI4NzE1NDc2NGExNjc0NmVjNTJlNjJiMmE3NDhlYTEifQ%3D%3D; c=eyJpdiI6Ijh4eDI5T3VBWlY1bEdXbWpKRWlzWmc9PSIsInZhbHVlIjoiSlUwRjFoZDVWa01cL1hQNDNxSWpnMmtvSnIyRFwvM29lV2hweTU5WVwvN1pHWDdqZVhHemM2WUlEY056aTRtRk5yaiIsIm1hYyI6ImMyOWVmNGNiNGFlMjRkNjBhMGU0NDI5ZDc5NzY3MWJjYjNmMDEwZWI1MzU3NTExN2UxMjI0YTU2Yzg5ZDc5Y2YifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1156
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTKL4ltlbX7R1k5HkBa%2BqiG%2FXg1cCKvS1CTyU0xAEn2%2F32P4dHi0q9ajkDy%2ByZbK%2Bwp1j38dbqz4n%2FT6ug8iwfXYHtGlVvhdBmf3BD9nlHN1yXF75rFFzpS7eFFLdmFWIjs%2BeMpT8op0q6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3236d5bc11f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3902
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BaxmpeOOm8SvrJo%2BAB0gsCqix%2FuL6S8GOsJaqQMfRpee%2BcBtyAr4aasYOIWi%2BflD4xPZFB%2B%2B2Kg2PjgLRtIyxHVMYqiz4k3k1EjQymQIyYgExgWkMmf0iFoeE%2FGoczyeUH7pw8RzJNNDqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d3236d5bc31f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1mpw3DENOwOUFFQW6ErSBQ%2BnmTd5H7MBQJRsjSUfgnkcc1D%2BAfXcyBtzdVCbyc09IjptkrpjFXKTLIavLU7x5caAqSSZOZNKAo6r8SGy99by%2FIY03SrpifZGUy%2F%2FsTmnrjGNh8ypMsu0RU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3236ccab31f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:06 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3912
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w90YI8ZQG8OlZLA6oVoTVYjKboc10r7ITyL4ID4tlZ%2FWis37v2U5Yn1%2FuR4xxUtacWhrEBAJUSrcZpxFAp82CK0BYbuVebs0yq9WtEllP02RVglXaYNA1Ylo11Ru7HjcS%2FUu5129180UK2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3236ccab51f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fq%2B1r28kchlAaVIO59LGeJh5QsNwlO3VA51dNiOOYFDVfjgNqUsQ6sqPXBJW7SnY72a1n3%2Fp5rsiey9kkrEtb2lv%2FxVGqtLD9rbyWclvb2z%2By2rYgWu%2BrXUZ5lGCOoI9hQGm5Q449yw0T58%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3236cfb231f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:06 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:06 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:06 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
731
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hduy92tkWJSFpnayYmpCmmoYtKDSXVnbqiUFpfHLCHIsTySOa69Yr1Oyl3rR8stkxkxBGuGfU3owmuNdbEbA%2BDXyOeGW5%2F3ECOorSK9IEmT4k9Sq2GVSwtHs7OPkfEScAomGgNkszdcgzvXmWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3236d59351f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d557da70d84a705a3f6ea1e66d5ab3d28774e2deed68caa5ea617d84a97d73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:06 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5885299226706746
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
0eb2c9182086c9715ad16894fa435e7d496c6c253378fc19a40a92edae534478

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:06 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:06 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:06 GMT
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.5885299226706746
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D591E9BA78133DD1836C43142E2B35DD3&h=b8cc1a348164eebbfad543469dbd91fb&t=false&r=0.7385452113792079
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:06 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.0.1628702465.0; _ga=GA1.1.1774276706.1628702465; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6ImdxWDQ2ZzRGemdpZXU0SHNzSEZqWFE9PSIsInZhbHVlIjoiU1RoWnpLS1Z1Y0NoRWliSFQ0R3VWRmJ4bXNLYVNtU28zSTNjVWVvODFCOE50dTRscWY4Zm5EUmZXaElXbHVBWCIsIm1hYyI6ImNlNGEzYTg1NjVhMDcyMjY1ZWJhYTc3NTIyZjE1NTI3OWI4NzE1NDc2NGExNjc0NmVjNTJlNjJiMmE3NDhlYTEifQ%3D%3D; c=eyJpdiI6Ijh4eDI5T3VBWlY1bEdXbWpKRWlzWmc9PSIsInZhbHVlIjoiSlUwRjFoZDVWa01cL1hQNDNxSWpnMmtvSnIyRFwvM29lV2hweTU5WVwvN1pHWDdqZVhHemM2WUlEY056aTRtRk5yaiIsIm1hYyI6ImMyOWVmNGNiNGFlMjRkNjBhMGU0NDI5ZDc5NzY3MWJjYjNmMDEwZWI1MzU3NTExN2UxMjI0YTU2Yzg5ZDc5Y2YifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
878
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVLBMIMk6rx5SuFuWAHrSnDwO9njsgfx79hik49nAkcgq%2Fw42T9I3Rl5xc9vK2p1Y3tRHv35%2BfgIwzmzgRoanbT2M6xgO%2BZ2ATju%2FL7TaFX4udBeSKdFIKPFc93J4BwuuPKb7sNcVRVlGvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3236dbc501f15-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49853
x-xss-protection
0
server
cafe
etag
9644047786497478708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:06 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
4492a914e9b04700af2edb74ed00cc61fd4bf91026dc7c52315c497445b13e82

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:06 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fbb0799ca2c1cef46bb9318c159959dff3a06fba19a5fdd0cea78822d6d27c8e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:06 GMT
Server
nginx/1.19.10
Etag
6d07f57b-cd80-43f9-b769-6899219df6dc
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:06 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:06 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:06 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
0
0

googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:06 GMT
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6ImdxWDQ2ZzRGemdpZXU0SHNzSEZqWFE9PSIsInZhbHVlIjoiU1RoWnpLS1Z1Y0NoRWliSFQ0R3VWRmJ4bXNLYVNtU28zSTNjVWVvODFCOE50dTRscWY4Zm5EUmZXaElXbHVBWCIsIm1hYyI6ImNlNGEzYTg1NjVhMDcyMjY1ZWJhYTc3NTIyZjE1NTI3OWI4NzE1NDc2NGExNjc0NmVjNTJlNjJiMmE3NDhlYTEifQ==
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.0.1628702465.0; _ga=GA1.1.1774276706.1628702465; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6ImdxWDQ2ZzRGemdpZXU0SHNzSEZqWFE9PSIsInZhbHVlIjoiU1RoWnpLS1Z1Y0NoRWliSFQ0R3VWRmJ4bXNLYVNtU28zSTNjVWVvODFCOE50dTRscWY4Zm5EUmZXaElXbHVBWCIsIm1hYyI6ImNlNGEzYTg1NjVhMDcyMjY1ZWJhYTc3NTIyZjE1NTI3OWI4NzE1NDc2NGExNjc0NmVjNTJlNjJiMmE3NDhlYTEifQ%3D%3D; c=eyJpdiI6Ijh4eDI5T3VBWlY1bEdXbWpKRWlzWmc9PSIsInZhbHVlIjoiSlUwRjFoZDVWa01cL1hQNDNxSWpnMmtvSnIyRFwvM29lV2hweTU5WVwvN1pHWDdqZVhHemM2WUlEY056aTRtRk5yaiIsIm1hYyI6ImMyOWVmNGNiNGFlMjRkNjBhMGU0NDI5ZDc5NzY3MWJjYjNmMDEwZWI1MzU3NTExN2UxMjI0YTU2Yzg5ZDc5Y2YifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cH6lpzrYtebxb2poKcSPOc4Y6Jj51%2Fjio9CFO%2FzwKu5X8Q63U06OV%2FcZGzXV7fG424LgilNzYzjjG9OEQFjsqAtA0jzUQR%2FC%2Bo4rOBOqv0WYvKUr%2Bfq8D29s9ztwviiq%2BV6pyW69Y72U0Dw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlMzZFl5ZFkyOU1HWkF0YnYwK1Fhb1E9PSIsInZhbHVlIjoiRUw3Q2orbzRUaVhGdkNYM0R3SEdmRldrNUs1NFJsOU5iUm1weHZHS3dsNHF4QTNKVlZ4djlwWEZ6OWtEQ09GbiIsIm1hYyI6IjFjZmMzZjdkNGQwMGZlNTM2N2Y2YTJlYWZlNzM0ZjIxM2E1MmY4ZTA1NjJmYWI0ZjVhMTVlOGYyMjZhMDA3NDIifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:06 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImpJekdIUG5nbVVGTG1GXC90cWV3THh3PT0iLCJ2YWx1ZSI6Ikp2N29zNFZMZGJqOUFuemhHY0Z4NU83TlluVWxHUGI5WXpEQXozYzUzSklPWTRJK3VLMlRjQVBFUnlCQ1ZcL3psIiwibWFjIjoiZTgzMmUyZGU0OTlkMmUyYTdiZDAwMTJkOTk4ZDIwYzNhZTc2NGM2YWMxMDgwMjhkNmIxMTQyNDQxYmIxZWUxYiJ9; expires=Wed, 11-Aug-2021 19:21:06 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3236deca21f15-FRA
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:06 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:06 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
31c8a742-87a2-43e1-9f13-37827ea2d5a7
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/31c8a742-87a2-43e1-9f13-37827ea2d5a7
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54972390dbaf659b943502bd6ef8dd2b6d1b65a8b8fe1b1aa0bf2a51783054de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51223
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:06 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
445
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
47
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
yjbE3uedgGg_tcG3YTpb1UqRGvBCyIgJ5rPanMCV1NUV5rxPq6Oovw==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:06 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:06 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.26204535804063167&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.9687707944223567
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1176251191&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1774276706.1628702465&tid=UA-192660002-1&_gid=1730464773.1628702465&gtm=2wg891MSK8GMG&z=368120801
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63566
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
kA9bGolquDeI7BFXHCMwp7eGSckebMqYdWP_Z7qp4H_F1HXKWWJAdw==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IlMzZFl5ZFkyOU1HWkF0YnYwK1Fhb1E9PSIsInZhbHVlIjoiRUw3Q2orbzRUaVhGdkNYM0R3SEdmRldrNUs1NFJsOU5iUm1weHZHS3dsNHF4QTNKVlZ4djlwWEZ6OWtEQ09GbiIsIm1hYyI6IjFjZmMzZjdkNGQwMGZlNTM2N2Y2YTJlYWZlNzM0ZjIxM2E1MmY4ZTA1NjJmYWI0ZjVhMTVlOGYyMjZhMDA3NDIifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702466.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlMzZFl5ZFkyOU1HWkF0YnYwK1Fhb1E9PSIsInZhbHVlIjoiRUw3Q2orbzRUaVhGdkNYM0R3SEdmRldrNUs1NFJsOU5iUm1weHZHS3dsNHF4QTNKVlZ4djlwWEZ6OWtEQ09GbiIsIm1hYyI6IjFjZmMzZjdkNGQwMGZlNTM2N2Y2YTJlYWZlNzM0ZjIxM2E1MmY4ZTA1NjJmYWI0ZjVhMTVlOGYyMjZhMDA3NDIifQ%3D%3D; c=eyJpdiI6ImpJekdIUG5nbVVGTG1GXC90cWV3THh3PT0iLCJ2YWx1ZSI6Ikp2N29zNFZMZGJqOUFuemhHY0Z4NU83TlluVWxHUGI5WXpEQXozYzUzSklPWTRJK3VLMlRjQVBFUnlCQ1ZcL3psIiwibWFjIjoiZTgzMmUyZGU0OTlkMmUyYTdiZDAwMTJkOTk4ZDIwYzNhZTc2NGM2YWMxMDgwMjhkNmIxMTQyNDQxYmIxZWUxYiJ9
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNRYGGHLhzK9NjdMt80WpiKdcfMVK1qpTMslIWlj8u9dV9vww9NDTFI7lmyq274M%2FGjX3bhGoSnFsYIajF7D2Jz5WJMJxDrjW38YHdjN%2BQOVkylO0b0rdJG4R1D5WoFToimWQkx35N%2F5j%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImVlOWs0VVJqeDB1d3VxZUdENExpWGc9PSIsInZhbHVlIjoiMFZGWTVVQ0FrOTRtYmRrSWdqN0JFN09KT1dSSEliZnI4MkJ3OTF3bmRGdDFyenA2MlZoNDkwbmwyb0hCQkdPeSIsIm1hYyI6IjJjYTM2OTgyNzViZGE1ZDVjY2YyODU3N2U2YTI3NTMyNzhjMTNmODE4ZmZmODdkYTU2ODRhZWE5YjY2MjIzYTUifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:06 GMT; Max-Age=7200; path=/ c=eyJpdiI6IkFQazh1VlQyazBndTJOMmJJaTNLVXc9PSIsInZhbHVlIjoiOU9EZzkzNWwrdlpDb2JaNkh1SmgxOFY2c05Qc3dRODFqSVBSV3MrZVQ3RFJITEpPd3RjNVpmYnQ4a1JDbFBZMSIsIm1hYyI6ImNiZTM4MmU0MGM3NWUxOGE2NTU5ZjJlMTBiMGE1MTU1NTAwMTg4ZWQ1MmJmMjUyZDVkMzhhZmQ3NzlmZDkyNGMifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:06 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3236efe671f15-FRA
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame EBA5
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
znM32F5GfSyDRtuPiYPfHsINsWkxUBOhZHH0vigBzZKcKfJEQwKmwQ==
age
2135076
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:06 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:06 GMT
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:06 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:06 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ef11962b51a24019fad978a72cef9ac8d6047984f279fe5c0d3e5dab4d1f4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702466.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6ImVlOWs0VVJqeDB1d3VxZUdENExpWGc9PSIsInZhbHVlIjoiMFZGWTVVQ0FrOTRtYmRrSWdqN0JFN09KT1dSSEliZnI4MkJ3OTF3bmRGdDFyenA2MlZoNDkwbmwyb0hCQkdPeSIsIm1hYyI6IjJjYTM2OTgyNzViZGE1ZDVjY2YyODU3N2U2YTI3NTMyNzhjMTNmODE4ZmZmODdkYTU2ODRhZWE5YjY2MjIzYTUifQ%3D%3D; c=eyJpdiI6IkFQazh1VlQyazBndTJOMmJJaTNLVXc9PSIsInZhbHVlIjoiOU9EZzkzNWwrdlpDb2JaNkh1SmgxOFY2c05Qc3dRODFqSVBSV3MrZVQ3RFJITEpPd3RjNVpmYnQ4a1JDbFBZMSIsIm1hYyI6ImNiZTM4MmU0MGM3NWUxOGE2NTU5ZjJlMTBiMGE1MTU1NTAwMTg4ZWQ1MmJmMjUyZDVkMzhhZmQ3NzlmZDkyNGMifQ%3D%3D

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlFDR3BuczFHeTBpcENXOXptR0VXa2c9PSIsInZhbHVlIjoiVGtUSEhEVG9ST2lmUzJZSUIzdXJ5dGlzUGlnNDRRWlZqQnBoXC9pR0FJUzVLSnFCNHhlbjltbkZtVENFTnlDZTYiLCJtYWMiOiIyMjBlZDZlMWMyYWIyMTZjNDM4ZTliMWRlZjZiNmU3ZjMzMWExZjNhYTk1YzlmMDI2NjRjMzA3ODA3MWQ1NmE4In0%3D; expires=Wed, 11-Aug-2021 19:21:07 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlZkNzZZYXQ1anVxWHMzbmZ5Ynp6aVE9PSIsInZhbHVlIjoiTG9McjR2OVduQ3ZSa1NkYjJ3M2Iwczh1QnkxQlZjKzZjYnpkRGd0UjEwUEt1aWk0MmtoZkRnSDlYcWNLV3drTiIsIm1hYyI6ImE2ZTNmMjJjNTA1NGI5OWI1OWM5MWMxOTc4MDgzYTNkYTI2YWUzYjZmYjhlNjkzODgyYmY0M2E2YTA5YTRmZTAifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:07 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXmDRs5jnE4Kgufri34gt40kNL9E7t6oSMfATJOmxpo1JAhLl2%2FkHycLUcMc8TKkhdodONMZjgBPmpH2Nt9ro1Rk7h%2BEzKyAppGe%2FDVjPkKoEdMKxcNUDsjQ%2B95%2FW%2FCR8CFDwqxGDCjOZ%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d323713a271f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:06 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702466.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlFDR3BuczFHeTBpcENXOXptR0VXa2c9PSIsInZhbHVlIjoiVGtUSEhEVG9ST2lmUzJZSUIzdXJ5dGlzUGlnNDRRWlZqQnBoXC9pR0FJUzVLSnFCNHhlbjltbkZtVENFTnlDZTYiLCJtYWMiOiIyMjBlZDZlMWMyYWIyMTZjNDM4ZTliMWRlZjZiNmU3ZjMzMWExZjNhYTk1YzlmMDI2NjRjMzA3ODA3MWQ1NmE4In0%3D; c=eyJpdiI6IlZkNzZZYXQ1anVxWHMzbmZ5Ynp6aVE9PSIsInZhbHVlIjoiTG9McjR2OVduQ3ZSa1NkYjJ3M2Iwczh1QnkxQlZjKzZjYnpkRGd0UjEwUEt1aWk0MmtoZkRnSDlYcWNLV3drTiIsIm1hYyI6ImE2ZTNmMjJjNTA1NGI5OWI1OWM5MWMxOTc4MDgzYTNkYTI2YWUzYjZmYjhlNjkzODgyYmY0M2E2YTA5YTRmZTAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3914
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22ugTpPw1L%2Fc14bwaWA0huawHpF7E%2FNnuuSsk0ij%2BBZ14c8KuZk96A2cRyESN3YErUxVCAUa6d3po2JIpQcNnoYzLHgsGkkU7YLhmYNAyC%2BFMt52EofJd8hHPdqFVG1or5l4wQkKJEzV3i0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323733e4f1f15-FRA
flow.css
tgfunnls.org/css/
385 B
761 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702466.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlFDR3BuczFHeTBpcENXOXptR0VXa2c9PSIsInZhbHVlIjoiVGtUSEhEVG9ST2lmUzJZSUIzdXJ5dGlzUGlnNDRRWlZqQnBoXC9pR0FJUzVLSnFCNHhlbjltbkZtVENFTnlDZTYiLCJtYWMiOiIyMjBlZDZlMWMyYWIyMTZjNDM4ZTliMWRlZjZiNmU3ZjMzMWExZjNhYTk1YzlmMDI2NjRjMzA3ODA3MWQ1NmE4In0%3D; c=eyJpdiI6IlZkNzZZYXQ1anVxWHMzbmZ5Ynp6aVE9PSIsInZhbHVlIjoiTG9McjR2OVduQ3ZSa1NkYjJ3M2Iwczh1QnkxQlZjKzZjYnpkRGd0UjEwUEt1aWk0MmtoZkRnSDlYcWNLV3drTiIsIm1hYyI6ImE2ZTNmMjJjNTA1NGI5OWI1OWM5MWMxOTc4MDgzYTNkYTI2YWUzYjZmYjhlNjkzODgyYmY0M2E2YTA5YTRmZTAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3914
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zk8swyZLHAh9c73XjiX08xl2TWodcWBYGYgt9yfEt7bSCd7cs0OxISHz4g3SpvLrfK7I2d0R%2B5HjqRuZOMiwtCyvReVIzlqmyd%2BcCX1ukmommx2eP0rLlEmN%2FZWWuP7Wwbl%2FtIE4o5XeruM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d323733e541f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:07 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702466.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlFDR3BuczFHeTBpcENXOXptR0VXa2c9PSIsInZhbHVlIjoiVGtUSEhEVG9ST2lmUzJZSUIzdXJ5dGlzUGlnNDRRWlZqQnBoXC9pR0FJUzVLSnFCNHhlbjltbkZtVENFTnlDZTYiLCJtYWMiOiIyMjBlZDZlMWMyYWIyMTZjNDM4ZTliMWRlZjZiNmU3ZjMzMWExZjNhYTk1YzlmMDI2NjRjMzA3ODA3MWQ1NmE4In0%3D; c=eyJpdiI6IlZkNzZZYXQ1anVxWHMzbmZ5Ynp6aVE9PSIsInZhbHVlIjoiTG9McjR2OVduQ3ZSa1NkYjJ3M2Iwczh1QnkxQlZjKzZjYnpkRGd0UjEwUEt1aWk0MmtoZkRnSDlYcWNLV3drTiIsIm1hYyI6ImE2ZTNmMjJjNTA1NGI5OWI1OWM5MWMxOTc4MDgzYTNkYTI2YWUzYjZmYjhlNjkzODgyYmY0M2E2YTA5YTRmZTAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1157
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLb9jsTiP8fdGbsLDaJ6yn1lEaa8NZwQ82pdGCy84PkzOmnIlGlMuwT9vQ6hDrsujY27kx5ICCTdqExPfAVSULGYgQJfjYumYm4fh9HAdA2%2Fr3GLdrW04316MWLi3PzDe9T%2FfUp2ardv8v8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32373ef871f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702466.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlFDR3BuczFHeTBpcENXOXptR0VXa2c9PSIsInZhbHVlIjoiVGtUSEhEVG9ST2lmUzJZSUIzdXJ5dGlzUGlnNDRRWlZqQnBoXC9pR0FJUzVLSnFCNHhlbjltbkZtVENFTnlDZTYiLCJtYWMiOiIyMjBlZDZlMWMyYWIyMTZjNDM4ZTliMWRlZjZiNmU3ZjMzMWExZjNhYTk1YzlmMDI2NjRjMzA3ODA3MWQ1NmE4In0%3D; c=eyJpdiI6IlZkNzZZYXQ1anVxWHMzbmZ5Ynp6aVE9PSIsInZhbHVlIjoiTG9McjR2OVduQ3ZSa1NkYjJ3M2Iwczh1QnkxQlZjKzZjYnpkRGd0UjEwUEt1aWk0MmtoZkRnSDlYcWNLV3drTiIsIm1hYyI6ImE2ZTNmMjJjNTA1NGI5OWI1OWM5MWMxOTc4MDgzYTNkYTI2YWUzYjZmYjhlNjkzODgyYmY0M2E2YTA5YTRmZTAifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3903
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9VGTnyEjMIS4upBrpkx3Hn72azDj%2FyFz0m7t55iaghho8ys%2FdL2%2Bloh46K7GbocZoNnqS6uSgsBCd6B6hPuF9QFUw7A0oF0gruvOms0ikOxGlhlmkIxYOdMrOlizqDxxf40WXXX%2BVsY33w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d32373ef891f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmXayd1sJOBVzDmn1a2G%2Fz1%2Ba%2BvRgvUzi3NAlWwFuUM3wDdF7hMBKWvg3OtJXCdotQgC2FvYGtVB%2FndYaoDXWAwzfKqzjfUmf2MeGCHNPwIqzE7aZyr%2B73nAxHso9ThVD0uRyNhLy0ikLUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d323735e811f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:07 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3913
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1ZZ6wYBKD365WYAp5Z19QvVbxYizSsUW8%2B0BCeWy4c0yBOn1nAuiSr324jqEb1SsUl3PfGbjbU3ZogApYHbxGIsLtn4dpcQfhPO7DHpSuhxXx%2F1iW4IZgzDk%2F5y43B62OHYgDbBMsXtBvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d323736e981f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgnKc67ldRp0K4BeT%2BYjVR%2BYFQyvcIUVDrOY2RmclBfW0%2FVAH%2BZpU%2FB3Uy4juvscxbVyqAknhOMZOUUztDnenIgiL5apI%2Fqko9gSJ30HaoI0bTZdwXo5PV0SSP9udfUCk%2F44t7ms2Djpu0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32373af1a1f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:07 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:07 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:07 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
732
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9LrMolPTJ454ZjiIPGcgbG2EwfZDgl9uuf02ffhPkzmlfZS6vBWvbCJY5UDSBq8GkGLzwR%2FIjdcNcFLzry8DJoKANPSJKL5LJN7J3aLa%2FwNTEEuAyxFZUcPKSQKYtEotoaXMkIULFalBKWusQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32373ed391f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d557da70d84a705a3f6ea1e66d5ab3d28774e2deed68caa5ea617d84a97d73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:07 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.055278134949750424
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
be72cb1fc217e4fc460203df30cd06a08f2eade76e347398fc00f6781bf38f95

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:07 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:07 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:07 GMT
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
879
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEnaicgpT6pO1GKjazAR0rh4emejpM8o28JW480u0ekx8oSdW4YPPHUwOLSggeqfKXB4O3%2FY7D79eE5QEG4kZQgMvI%2FVZISQsGK3%2BoQwqz86XoNMRmlR6MtXvi2AfyVqCR9%2Fv6w8GdUtmOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3237438121f15-FRA
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IlFDR3BuczFHeTBpcENXOXptR0VXa2c9PSIsInZhbHVlIjoiVGtUSEhEVG9ST2lmUzJZSUIzdXJ5dGlzUGlnNDRRWlZqQnBoXC9pR0FJUzVLSnFCNHhlbjltbkZtVENFTnlDZTYiLCJtYWMiOiIyMjBlZDZlMWMyYWIyMTZjNDM4ZTliMWRlZjZiNmU3ZjMzMWExZjNhYTk1YzlmMDI2NjRjMzA3ODA3MWQ1NmE4In0=
accept-language
en-US
sec-fetch-dest
empty
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=344l1TUCHw7ZR9lyrIlbiYcMcJIHh6r8hGpU8cOI7Bz%2FyaCKqHkq5lTMfW57MnnO%2BxpXsUCpdN8IeWVzxMOucjD97NH3hh%2FMKS0s8uqWRmLb5FoW%2BCYexQUo1g7bzCBGa%2BMGN7U5qTH4P04%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InFSaWRoWWdueXpLbkI2UzFBV1RBV2c9PSIsInZhbHVlIjoiUnZZTFlXT2l4TnBlM2V3RlVxcWFcLzVycFhoVFMwN0lXXC9CdmZuZFRPa0RlVkxQTW5iTzlLVVU1TXZucDl3XC9sbyIsIm1hYyI6IjAwZDY3OGE1NjE0NzkyZjRkYmI2YzkwOGNjMmI5ZmU0N2Y4ZjhiMDUyYWViNTVhZjlmOTc1MjkxOWEwZTVmMmMifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:07 GMT; Max-Age=7200; path=/ c=eyJpdiI6Img5MncwMm81S1BjQk5ubElEWFY1Mmc9PSIsInZhbHVlIjoiSjI3NEZPQXJjeDBiM3JqZkFGUFB0TGlWYWtPbWJrSlhhV1RpK1h6NFp6NDE0TU9cL1cwbm9vMEJwTUdqMXNVM2siLCJtYWMiOiIxNzI2ODkzNjZjOTkzNTE0MTRlNTVmMzg2ZGYxOTFhOTYzMjAzOGRkYzZlMzRiZjUzMjVmZmNhYTg3NTU1Y2QwIn0%3D; expires=Wed, 11-Aug-2021 19:21:07 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3237458641f15-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:07 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2edf39836d0ca4714e4d6f82d0669fa32d2c491296a60351886515d5e9816bc7

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:07 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e5c59ea0883809e136511651e777fcb487c61a9e41d1b31dc1d684496a9d0ede
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:07 GMT
Server
nginx/1.19.10
Etag
01b4edaf-fe0c-4d8c-b63e-2732df72d8d9
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:07 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:07 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:07 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:07 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:07 GMT
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:07 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:07 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
c76cd94a-13a9-43b7-a0a4-73f335565a66
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/c76cd94a-13a9-43b7-a0a4-73f335565a66
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b191cb52e5cbb67b666e9c842dc953a6e6fc043582e37bbdc5d80896789d3de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51224
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:07 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
446
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
48
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
uzFa02G8eyoms1NDQ7s7USShv9f8EHnRMr1Jk28uJnOKQpl08bufPg==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.055278134949750424
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D591E9BA78133DD1836C43142E2B35DD3&h=b8cc1a348164eebbfad543469dbd91fb&t=false&r=0.6598476644870355
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:06 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:07 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:07 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=657807782&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1774276706.1628702465&tid=UA-192660002-1&_gid=1730464773.1628702465&gtm=2wg891MSK8GMG&z=1660927675
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529382
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
HE7PB9ts7cTBLani4znqsRnL_B2j1xyGmeT2B-6SeMk5kNqphbBhgQ==
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.4789797715547084&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.701131357697012
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 88C0
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
4JDTeE7_4qE-0BCgOpEK0YlohaG7z143jFjSrAFkMWVUYPPYTvcE_Q==
age
2135077
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6InFSaWRoWWdueXpLbkI2UzFBV1RBV2c9PSIsInZhbHVlIjoiUnZZTFlXT2l4TnBlM2V3RlVxcWFcLzVycFhoVFMwN0lXXC9CdmZuZFRPa0RlVkxQTW5iTzlLVVU1TXZucDl3XC9sbyIsIm1hYyI6IjAwZDY3OGE1NjE0NzkyZjRkYmI2YzkwOGNjMmI5ZmU0N2Y4ZjhiMDUyYWViNTVhZjlmOTc1MjkxOWEwZTVmMmMifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6InFSaWRoWWdueXpLbkI2UzFBV1RBV2c9PSIsInZhbHVlIjoiUnZZTFlXT2l4TnBlM2V3RlVxcWFcLzVycFhoVFMwN0lXXC9CdmZuZFRPa0RlVkxQTW5iTzlLVVU1TXZucDl3XC9sbyIsIm1hYyI6IjAwZDY3OGE1NjE0NzkyZjRkYmI2YzkwOGNjMmI5ZmU0N2Y4ZjhiMDUyYWViNTVhZjlmOTc1MjkxOWEwZTVmMmMifQ%3D%3D; c=eyJpdiI6Img5MncwMm81S1BjQk5ubElEWFY1Mmc9PSIsInZhbHVlIjoiSjI3NEZPQXJjeDBiM3JqZkFGUFB0TGlWYWtPbWJrSlhhV1RpK1h6NFp6NDE0TU9cL1cwbm9vMEJwTUdqMXNVM2siLCJtYWMiOiIxNzI2ODkzNjZjOTkzNTE0MTRlNTVmMzg2ZGYxOTFhOTYzMjAzOGRkYzZlMzRiZjUzMjVmZmNhYTg3NTU1Y2QwIn0%3D
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoprF2Pj46T2HF10PK5%2FMhxbHmUDT9BjPwiWLmGC7Z%2FjgM0UTxqG1j1IYJGNPmAVcA8Qho4zsjgOvZPtWjRmummweq9a8TyaxnLLoTHTmpyZf9VYWT%2Fl0IhC7QT5S9C2RQm1kU2nCnMaZ9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IllRanJKREhhdjJpZ29vSUU5UlpWZ3c9PSIsInZhbHVlIjoiTko1OTFIWWhQYm1JU1ZGRVNOb2JRMitJZ3N6bWNnb0htMzh5RGlQT0tZODBJcXRxb1FHQ0ozNGNcL1BmdCtRdHgiLCJtYWMiOiIyZjRhYTNjYzI1ZjJjYTUyMmM3NmQ1ODY3ZjIxZTc5YTMyNjhlYmZjOTNhODI3ZTE4ODIwZTc3OWYzZmJlOWNjIn0%3D; expires=Wed, 11-Aug-2021 19:21:07 GMT; Max-Age=7200; path=/ c=eyJpdiI6Inl4R3hScWNHTitadnAzTUlEV0dieFE9PSIsInZhbHVlIjoiTjBnUnlaUlI3elU1VkJ0M1Nnd256Y3hRN1BPMFFuVGs0NjArQU9JWVwvM1c2MWhaSXA1c1FTa0NUMVRJblc3eDAiLCJtYWMiOiIwMzEyNTdkZjU4N2Y2YTljN2ZiMjJjOTAzODc2MWZhNmIwZjgwODkyNTEyZjRhODhiNjE3NmQ4Y2Q3Y2I0MDQ0In0%3D; expires=Wed, 11-Aug-2021 19:21:07 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d323758ab81f15-FRA
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:07 GMT
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:07 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:07 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
/
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
625833e04e552909f5750b25038c3aa617725bad82a303d5a2709124d7605bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IllRanJKREhhdjJpZ29vSUU5UlpWZ3c9PSIsInZhbHVlIjoiTko1OTFIWWhQYm1JU1ZGRVNOb2JRMitJZ3N6bWNnb0htMzh5RGlQT0tZODBJcXRxb1FHQ0ozNGNcL1BmdCtRdHgiLCJtYWMiOiIyZjRhYTNjYzI1ZjJjYTUyMmM3NmQ1ODY3ZjIxZTc5YTMyNjhlYmZjOTNhODI3ZTE4ODIwZTc3OWYzZmJlOWNjIn0%3D; c=eyJpdiI6Inl4R3hScWNHTitadnAzTUlEV0dieFE9PSIsInZhbHVlIjoiTjBnUnlaUlI3elU1VkJ0M1Nnd256Y3hRN1BPMFFuVGs0NjArQU9JWVwvM1c2MWhaSXA1c1FTa0NUMVRJblc3eDAiLCJtYWMiOiIwMzEyNTdkZjU4N2Y2YTljN2ZiMjJjOTAzODc2MWZhNmIwZjgwODkyNTEyZjRhODhiNjE3NmQ4Y2Q3Y2I0MDQ0In0%3D

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; expires=Wed, 11-Aug-2021 19:21:08 GMT; Max-Age=7200; path=/ c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9; expires=Wed, 11-Aug-2021 19:21:08 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3Zjsznt3rbBpkqRto6m9N2x8fapYAMls9iaLiX2AN8YBpzR88NGzgylmbNsWBbxkz%2Bmgh6n9WB1PjWnDuwBtUwb7dMKujEwMv65YrdK0mvYrpTba6C%2FDragqb3FMFXLVpzt0oc3bGuGPJ8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d32377ff8d1f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:07 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3915
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2toSMPfulifmQGAoliJvxlFmGkmDG9Wn%2B%2FsFf0xP8uTb7mHpxGvpXfBdhfrOCz%2BqLw%2Fxd8QZ8%2BiMSOcnoio%2F2RezuQR%2BditpLjU6IkLz7xtEhmWDSbTbMolw0d2EiPhBCJzdfDCb%2BcZmC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3237a7b981f15-FRA
flow.css
tgfunnls.org/css/
385 B
762 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3915
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6borhtUyE7cEaFVa1m0S9eWnZUmOWR0FTgUQaD3o%2Fbc%2F0DidZAc2siffNqhau24Yh0Yo87CVUjbeHtlBmg6DqWVzKCK%2Fa13maCyMSXF4waeOI707EpjyrQ%2BP%2BdCaX1d77u%2BBrMm6HuIvgrM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3237a7b9a1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:08 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1158
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvddGqz9mXjO2NZekmoCXdn3Ty%2BCR3raMG5wqapWAFFqMP166SaeMr5gR9IFxktJ16KN03Ua8Ua9zBaVO%2F6zUP3v5zfbm3DLdRwFiBmCeIG4clzcJFG7KmT2wZDkakILcz0NVCSn5b%2BYVrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3237b3ce31f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3904
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTcjwboAlUZzNY1TK7waezXRsGBbjfvxfJJZpkB3RYzNM%2BOyBWyxuDIFUgH%2BTLiwo1%2BN%2BEurwpuva2j7VvWi0PAvef8gy3ikPhl4m0EjfeHO2EVa4lyAd8kOm6zdPT4x1GuZkiXx78JSJ7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d3237b3ce51f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI63EW2yMNtDyj7mnIuOffmC9ncm3qhKq44hqdylkxcuggt9pPc9aRTy8wrU1OwMBNgCf2l0XyUfJXCfSCm7O%2BYc69qqRatgIbeDsncs4ODPUWJfdRyCWD9AL87IIcNvWWSKk%2FbGfOaFMhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3237aabeb1f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:08 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3914
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYCptyRIQ9K%2BQBTyejS9jI7PeLORnUNOJbHPNQWOm2bRlHTSZVLoWpCWeVYpitcFkoRi1KQh3QUWS8jw1kUEAU7CyBzaa5Zocp0KyEfuMdWRKs4OkI6cNDKXnIToRGTFVIEE%2Fnna6ztgWX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3237abbff1f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bnYmSa9zwdeo6%2Fa8gRNxXMktmeH4%2Fn9OvQSSyoAqgOiM5Fq6ujWSJ0v5WLnVAUAq9744fic5nAe%2Bt1CC7tYHT5tYeaYfkiieaw86VbgKN1ri908fumbYjifIZrPpNJGD%2B%2BvbbSOBByYgO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d3237acc221f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:08 GMT
hp
in.xr117.xyz/
382 B
635 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:08 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:08 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
733
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZF4yNX3qM9W%2BBHulF7StK2FKIKYvgy7PA2uUS0fW5QSa40slL%2B7jF9s3U5%2BDxw38Y6Iz300KHPAJe1DxO2e0t55azeskRxRs25EjL1jDvZL8wvheYuNJzx8y5wYWahs7oGY46xiY8r8VKKVig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3237b398c1f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed95f3797361e43a39871b0e447c287ea998e3b7abdfbae6e58ed0cbbb1ac115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42028
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:08 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.9204276338812543
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
eadb133f4b8d83405ea42a67245afae0d302a65a8a1807a75b41084c084d4a8b

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:07 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:08 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:08 GMT
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMzsbuv%2B5gGhmR61u2gR0PnBBXy6ju6s%2BMia%2BTIZKiGuEthS5FfR1qfgvmUNHN%2BXlF8YDGV0chKVygZln%2F7UdQzYKnl%2FIV2ikBn2PLmjJ5KIQtPVL%2F192IbfoagV%2FX9BylOMeeUsrV6MNvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlZXZWR3NHlQSHdXVW9EbjdMUGl3RVE9PSIsInZhbHVlIjoiZ3BGZTFhMTVCNSt4MFZPck55ZG80RFFyVUJiZzdhUnRtOXVrU3YxYVV4TEZRbkI4N1ZDVCtMc2V1a2tKUDNYRiIsIm1hYyI6ImY5ZTg1MGFjYjAxM2E3ZDI0ZTk5YTY2MWJmZjQyN2IxMmIzNjg3OWUwMGM3YzE5ZmJmNjcwODBhNjMwNGQwOTgifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:08 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImdISzBcL2hKU2RlOVVEdDVveFpsWVdRPT0iLCJ2YWx1ZSI6IkR0N0J1SEpodnZCZjcxUFNxbUFyN1wvTTVGUDd3YzA4bW9jdGRyTFdMTEZkWXVTRldcL0kyamY2akc1NU93NytJNyIsIm1hYyI6IjUyZGQ4MDIxYjIwNDQ3MGI3YmNkODUyNTU0ZTcwMWM4ZDQ5MzkwNzA2YTgxY2FlZGIwYjIxYTlmMjgyNWJiY2EifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:08 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3237b9d831f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702467.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ind6eXB5UnErN3F6Vm1vQWVJNXBRcmc9PSIsInZhbHVlIjoiUEJRMGVRbFNzRnc0XC9pS3kzWDdkOU5CR0xrTitUNUpQemNVR0ZXZUdydUd3TFRMZ0tUMmNsR1JiTSsxV1FkWnAiLCJtYWMiOiI2ODcwMzA4YTZiYjg4MDMwYTA0MmE3Zjg3NzFkZmYwYjVkNmE5Mzc0ZTAyMjYzZjMxYWRjOGJjMTgzODc1ZDYzIn0%3D; c=eyJpdiI6IjNCNGx2NlwvVE9JdzJPQlFXQTI0T3Z3PT0iLCJ2YWx1ZSI6IkpNUjQ5VWJ1ZlBVWnFuRkRKbkdMb2tkV1p4WjdJUStrRGlzXC93MVlKUHo0TlVyREU1aG9JMDN2NWtueWU4UVFHIiwibWFjIjoiOTc3ZWYzY2JlNDY2ZjM0OTNhN2MyOGI5YWM1MTk0YTQzNDJlMDQwYWRiY2MyNzAyNThiNzE4OWE0NjJjYjQwYyJ9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
880
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkU7nJrkKcj39XnN4PX4PNzvGvbapi5t%2FcE8BLNhj6rScyuAIGmCiL%2F0RZpTDKBgQrIXps%2F2rwbz7xhKtSP%2FPkody5dvFOhj%2FqLSpghFi2lu53QHWi5d%2Fd3bGBpY%2BlQVsZxe0qrEJkb7j4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3237b9d861f15-FRA
8160b68b-4aec-452c-a2b7-7b873a298e00
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/8160b68b-4aec-452c-a2b7-7b873a298e00
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:08 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
5cd59eccd9d86662fdd628af254621d149f52b1bc946606e7c3d848d692f2f38

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:08 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b00bf2b0a3755f6d875304bb4e9a7216ab2cd2cbf3291b3a626a8ced20489597
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:08 GMT
Server
nginx/1.19.10
Etag
f4223030-0208-430f-bb7a-3fc53536795a
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:08 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:08 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:08 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:08 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:08 GMT
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.9204276338812543
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D591E9BA78133DD1836C43142E2B35DD3&h=b8cc1a348164eebbfad543469dbd91fb&t=false&r=0.8345558026454403
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:07 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:08 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:08 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe8a701e5552cb8f996388184dc59e2c3f04f37581d21fcfc1c4f50ddf04d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51222
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:08 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
447
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
49
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
Wyreyn_VVUSO9RSzf7PqadD_NcoEtpOspt68RSE-KQENSQFGK4LdMw==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:08 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:08 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.03313001664299309&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1628673055&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1774276706.1628702465&tid=UA-192660002-1&_gid=1730464773.1628702465&gtm=2wg891MSK8GMG&z=851361341
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63568
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.3304477477290775
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6IlZXZWR3NHlQSHdXVW9EbjdMUGl3RVE9PSIsInZhbHVlIjoiZ3BGZTFhMTVCNSt4MFZPck55ZG80RFFyVUJiZzdhUnRtOXVrU3YxYVV4TEZRbkI4N1ZDVCtMc2V1a2tKUDNYRiIsIm1hYyI6ImY5ZTg1MGFjYjAxM2E3ZDI0ZTk5YTY2MWJmZjQyN2IxMmIzNjg3OWUwMGM3YzE5ZmJmNjcwODBhNjMwNGQwOTgifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; XSRF-TOKEN=eyJpdiI6IlZXZWR3NHlQSHdXVW9EbjdMUGl3RVE9PSIsInZhbHVlIjoiZ3BGZTFhMTVCNSt4MFZPck55ZG80RFFyVUJiZzdhUnRtOXVrU3YxYVV4TEZRbkI4N1ZDVCtMc2V1a2tKUDNYRiIsIm1hYyI6ImY5ZTg1MGFjYjAxM2E3ZDI0ZTk5YTY2MWJmZjQyN2IxMmIzNjg3OWUwMGM3YzE5ZmJmNjcwODBhNjMwNGQwOTgifQ%3D%3D; c=eyJpdiI6ImdISzBcL2hKU2RlOVVEdDVveFpsWVdRPT0iLCJ2YWx1ZSI6IkR0N0J1SEpodnZCZjcxUFNxbUFyN1wvTTVGUDd3YzA4bW9jdGRyTFdMTEZkWXVTRldcL0kyamY2akc1NU93NytJNyIsIm1hYyI6IjUyZGQ4MDIxYjIwNDQ3MGI3YmNkODUyNTU0ZTcwMWM4ZDQ5MzkwNzA2YTgxY2FlZGIwYjIxYTlmMjgyNWJiY2EifQ%3D%3D; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDPhAc7wkzslGl7C2MpyjKdcFp5vlCbB9jXrERb0v91fpLPDzKMjXkl8IDFC4FyAOYPxtoJkbqhV4gLHLTvQUt8gXlTxTnQDz6iSLdgW1qnU0v26TzhXlGRUadhXlTGUXJ%2FhadhYiVkAcZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ilk0WTF4QUU3QmtVVzFrbTNCSVZta0E9PSIsInZhbHVlIjoielwvWThvSDFuSFhNWGhDTE5vakpGem9Vc3VUZGtHVUMyVElpSWVmYUQ5UGszNmgyV2FsQ2ZLbmlpNjl2TGlmWUkiLCJtYWMiOiI4ZmNkOGU1MTgwZmVlZmYzZTU2NmJiYTVmNWY2N2U5NDY4NmFhYTkwMmJjMDQ2NzAxZTQ2YTdlYWI0YmZiODBjIn0%3D; expires=Wed, 11-Aug-2021 19:21:08 GMT; Max-Age=7200; path=/ c=eyJpdiI6Imw4ZkVnUmJUQ3ZcL0Y2NEZJVHdyOUNBPT0iLCJ2YWx1ZSI6Imp3WkpNd0tmZFJmaTlRYXZsT2JPNFBWSmZTUDY1akRhSFVNdThvZDJvcGQ1RnZzdVNRVGU4MWtKZ2Nyd0k0bkoiLCJtYWMiOiJhNGE0NDRlMDIxOWM3NGE5OGRmOTc5NmJmNzllNWZkZmM1OGUyNWYzY2I2YmFiZGZjMjhkMWU2NDcyYTQyNWZhIn0%3D; expires=Wed, 11-Aug-2021 19:21:08 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3237caf911f15-FRA
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
p8UY9SqUfZ3Ig7uEyobV2vS17O5K-tHOd-P0XvFbSalBEDyZ5rWePA==
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:07 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:08 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame C46F
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
5-0F9o7Z-saqaHt10aneOW9T3QL3c3S-1QDbUjHAvKeFzekdHFS7Zw==
age
2135078
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:08 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:08 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/time_visit/
0
422 B
Ping
General
Full URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Aug 2021 17:21:08 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
Primary Request /
tgfunnls.org/dly1st/
31 KB
8 KB
Document
General
Full URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d92f757126264cb7d380b7ee209d364687036843fe907f294077da7823afc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tgfunnls.org
:scheme
https
:path
/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6Ilk0WTF4QUU3QmtVVzFrbTNCSVZta0E9PSIsInZhbHVlIjoielwvWThvSDFuSFhNWGhDTE5vakpGem9Vc3VUZGtHVUMyVElpSWVmYUQ5UGszNmgyV2FsQ2ZLbmlpNjl2TGlmWUkiLCJtYWMiOiI4ZmNkOGU1MTgwZmVlZmYzZTU2NmJiYTVmNWY2N2U5NDY4NmFhYTkwMmJjMDQ2NzAxZTQ2YTdlYWI0YmZiODBjIn0%3D; c=eyJpdiI6Imw4ZkVnUmJUQ3ZcL0Y2NEZJVHdyOUNBPT0iLCJ2YWx1ZSI6Imp3WkpNd0tmZFJmaTlRYXZsT2JPNFBWSmZTUDY1akRhSFVNdThvZDJvcGQ1RnZzdVNRVGU4MWtKZ2Nyd0k0bkoiLCJtYWMiOiJhNGE0NDRlMDIxOWM3NGE5OGRmOTc5NmJmNzllNWZkZmM1OGUyNWYzY2I2YmFiZGZjMjhkMWU2NDcyYTQyNWZhIn0%3D

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; expires=Wed, 11-Aug-2021 19:21:09 GMT; Max-Age=7200; path=/ c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:09 GMT; Max-Age=7200; path=/; httponly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-proc
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdoF2osvtAaPJOvKDE4l0XU%2FOsgJR89Aa%2FaIu%2BBxI1nVrysIj%2BtlutArzQMdro6CwfgfA3jB9axsdVqtgrzIqkjQnP9pbvnlpoimAbIMRPL17%2Fxj%2FtTYuPMny3jpvTcuUkquxRxjjGRcVZY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67d3237f6c811f15-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/g/
0
0

forms.css
tgfunnls.org/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/forms.css?id=108aa07ef4cadffb88ba
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3916
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-5107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CnI3WyB3ZswIfWx16zVJWBXiYU%2F%2BH9WgMUNbRwTYMrq3BqXJnJaQxeJzjmBsPej7PRFIdnKPgw80sN1zuO0UwjUuo8Zx0m65LbMRDPBMftL%2BqLdDFyckreYtBpRXfllF6jKky64jMqMS3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3238188cb1f15-FRA
flow.css
tgfunnls.org/css/
385 B
762 B
Stylesheet
General
Full URL
https://tgfunnls.org/css/flow.css?id=1a2dada5ba76c1b29ae1
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/flow.css?id=1a2dada5ba76c1b29ae1
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3916
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb9rH0iacHqXwSnxiCIuKyZBBwqcUU6g2vDUVZg89Sl%2FYP2xHlrCdUvbw8V0Z1gYjYyyhu38e2pJy47yUV7M%2BSHNQxHdAaoeyZPzVQCN1voTHGgbDKsMDEbdwwjMuL2zuxKTqBPjBPrm%2FHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
67d3238188ce1f15-FRA
funnel.css
static-13333.kxcdn.com/5275/build/
91 KB
26 KB
Stylesheet
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.css
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dd81a03016de5c1be49281bb42f5db84bf8968b636e893daa0ee24de5dbdd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf7b-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"0e60432e5a822d61eaf0ff2172f524ed"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:09 GMT
conversion.js
in.bd44.fun/
0
0
Script
General
Full URL
https://in.bd44.fun/conversion.js?cid=OPTIONAL&et=CLICK
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/logo.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3d0776f2afd4256733e307cf46921dde2e1497a2767eb8bcb8ac17d5de9d2344
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7f-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2455
last-modified
Fri, 02 Jul 2021 14:32:26 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"cded24bb8b99f2aa7ab4e4ddc59c28e6"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
top-arrow.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/top-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c4d3b32e24ea06591e7f166b20939f84cb767bb0742bc3c51f07c6f4b684f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd188-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2961
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e2980701aad64cef71bd2296f5f6386b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
check-icon.png
tgfunnls.org/images/
44 KB
45 KB
Image
General
Full URL
https://tgfunnls.org/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/check-icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1159
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45018
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:27:10 GMT
server
cloudflare
etag
"61113b3e-afda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVBd0K1c2%2FwBR4BbfoDN9aT%2FE8%2BgLXI%2BA%2BW0zC%2B6ngjTVyNSCpzz2EOtcj056VCcoUEEvYat4dRjW3fiTLtd0P3LmZ%2BHyJiXaNx2icFMgQTgiYLpxEeB%2FqJnGAhIQmW6lIlBbYj0VZJ4su8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d32381b9101f15-FRA
safe.png
static-13333.kxcdn.com/5275/images/
10 KB
11 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/safe.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c001780d5a0136da809d6908ac44d8b0e4d9b36bf9891772a006294888226576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7e-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
10593
last-modified
Fri, 02 Jul 2021 14:32:17 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"e16845cf547d72f2f0b2febfa375d9f9"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
bg-arrow.png
static-13333.kxcdn.com/5275/images/
7 KB
8 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5902ac2e28cc5433d57a98a62be69037be09754da694348e03d3e3b9e776f542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7d-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
7356
last-modified
Fri, 02 Jul 2021 14:32:23 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"0575766ae817ee467a729e846374d22c"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
check-icon.png
static-13333.kxcdn.com/5275/images/
2 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/check-icon.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a404a950ef8cfa3eb686e62c8ab17e0a4609f2300e53d874a96ec618ab9474d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd193-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2273
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c34ab81524c5f98e40dc0dad59601758"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
spots-arrow.png
static-13333.kxcdn.com/5275/images/
5 KB
6 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/spots-arrow.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c01610e53cbe2313bd441cd9182762cec4240e4eecebeca6d086f34e4672784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf82-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
5306
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32acdf2cce46993b09041ebed9d00140"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
john.jpg
static-13333.kxcdn.com/5275/images/
9 KB
10 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john.jpg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aff262b0ff8882606831b77cb7fe8c2b7ee184a4c3a4e10de152932dde9ed3f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18f-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
9704
last-modified
Fri, 02 Jul 2021 14:32:21 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"ca826d01f1cbba3eb6e3e1f697bca6bc"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
john-sign.png
static-13333.kxcdn.com/5275/images/
7 KB
7 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/john-sign.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c92fcee0f7c5fd992e818cd6e5f621e8701cea9b4b23eb03e2567560c7dd266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf87-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
6824
last-modified
Fri, 02 Jul 2021 14:32:43 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e77bdde18036a84289f7b89b03cddc0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
social-callback-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/social-callback-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b097d9409b9b2fcde3993197635d6e7d49126e794dec3c3a5de9892cce15ec84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd187-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2899
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"26e1186a209747d755be97f26d7fef17"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
facebook.png
static-13333.kxcdn.com/5275/images/
45 KB
46 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/facebook.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45a8e9f975bd2d7db2041c671affac022eaf0b8db46c516a6f2021d30631aea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf7c-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
46358
last-modified
Fri, 02 Jul 2021 14:32:18 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"99efc09d6e35b01ef07e555c6c9c06ac"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
twitter.png
static-13333.kxcdn.com/5275/images/
33 KB
34 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/twitter.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f3567cf9eb0717ad9840ff19014abf051d9bebb63ba3d270eb23d409dd449b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf79-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
33933
last-modified
Fri, 02 Jul 2021 14:32:45 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1538bf85a2428c7ab27b923233ceac2d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
features-title.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/features-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e840708085df16224eeb0d8a8b3758d39bc7c60d3f0587ea1308f7d37d2e9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18e-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2835
last-modified
Fri, 02 Jul 2021 14:32:24 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"8e8fd39ca90b9e536e71366f72e27061"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
feature1.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
427e9cf9bc070b73cae44b858b1cbb147385ccf3b74522b00606e8441d74eb21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd189-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2649
last-modified
Fri, 02 Jul 2021 14:32:27 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"32e947291780f319b5424fb0fed97339"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
feature2.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature2.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d35ec7636f20627c46249b7ac076fd59aad2c15c8207c92cc8251df812abc0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18b-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2845
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"a02cbfb7009f4eb7bca716371bbc6162"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
feature3.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature3.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
41cc8226265d071dd816f01b4e656e9575b49927ecb0806984d85fd2acb3b318
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd185-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2618
last-modified
Fri, 02 Jul 2021 14:32:44 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"1e439861ae0e257dd74094cd20495531"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
feature4.png
static-13333.kxcdn.com/5275/images/
3 KB
3 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/feature4.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d7e57b7c8fc1a0e25b893fc00da8cca5368cc489227958d4a781665339cd7260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18a-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
2573
last-modified
Fri, 02 Jul 2021 14:32:19 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"f042fbbf22d575de6d906249ec2dc324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
faq-title.png
static-13333.kxcdn.com/5275/images/
4 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-title.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
218be04d48aa9aa4da9bb4a708dbb463576fd8653914fd05bb113ce654dce714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048dcf81-0060df2533-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3706
last-modified
Fri, 02 Jul 2021 14:32:42 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"b95f5e7ccaaf9e8f6f1117efa9ab100a"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
faq-list-title-bg.png
static-13333.kxcdn.com/5275/images/
2 KB
2 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/faq-list-title-bg.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9749d6d7aee9bdd7b806eb8fd8fa1bfd7ef25aab0aba744948b279d4c1a348ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd18d-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
1546
last-modified
Fri, 02 Jul 2021 14:32:22 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"567ea5254334fde95913b6cd592aad5f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
sad-face.svg
tgfunnls.org/media/
1 KB
1 KB
Image
General
Full URL
https://tgfunnls.org/media/sad-face.svg
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/sad-face.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3905
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsTFxVt6qANmvaTN3SxfCuTsgwYWhBNYaEvFYW4NeHJEdlnF7wfbwBlHTP08tz1wmE%2FAQE3g%2BQLXlY8bK8JnYWCw5sXmRogyMqstEof8eYfK7FIE8hJbDQGd7yfg9dhOoril%2BtlwcwfDURc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
67d32381b9131f15-FRA
email-decode.min.js
tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tgfunnls.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDtSo5BMjGL%2BKLlq4eiSusktvVivgU%2FLrzj1uAnMuTbc6lQCoBEOR%2FuuvI1SrAlc1wxjIoFhg62Ycb32OboBsc0LsuzKVbVw4uZbtItzmurBNNfqMfHTMrNcsOTnb2HWes7%2FmGMV8dqp9qU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d3238198f01f15-FRA
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 17:21:09 GMT
redirect.js
tgfunnls.org/js/
3 KB
2 KB
Script
General
Full URL
https://tgfunnls.org/js/redirect.js?id=bd8708e91008076c9ff9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/redirect.js?id=bd8708e91008076c9ff9
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
3
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3915
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:34 GMT
server
cloudflare
etag
W/"61113bce-a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoWBRX5JhXKHrC77wVVctsNXiDPaKquzujQygp5RPOdHHWQWb0hYFauzr80K5AiCVbdD5z3RNli5qqhe0uQBzPSDVIkcfN4Pyd5DXjzUKaNHTB3LPfs3CcPMttOtb3tYZ9UOfSaA5JMMEW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32381a8ff1f15-FRA
l.js
tgfunnls.org/js/
401 KB
110 KB
Script
General
Full URL
https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669423eca631e2fa8053ff74039a11ff6afac3a94dc37f357ce8d6ec9362913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/l.js?id=6cf7b69175b2a676ebf3
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
W/"61113bbf-645ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcjtVZ2oADPI%2B5Ta01oAoO%2Fmyj8aJLlWX%2Br4FCoERL0R11%2F2E13LyzfaXlLDJG%2FN0BTZq1dlG7qV0C%2Fyhu4c0Wrr2XtolTmvPJCwZcv%2BG7BhLAtY4klJ6ZsgMDgSY6Poto4uhZ51wvv4fSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
67d32381a9081f15-FRA
funnel.js
static-13333.kxcdn.com/5275/build/
954 KB
319 KB
Script
General
Full URL
https://static-13333.kxcdn.com/5275/build/funnel.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a52901c6296f571a48143efc8c7626714f2f15a0e034390d31380d508684ad0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 14:31:57 GMT
server
keycdn-engine
x-amz-request-id
tx0000000000000048dcf86-0060df2533-12e87130-fra1a
x-edge-location
defr
etag
W/"545236a1390ffa369d186b44dab8e706"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556940
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
expires
Thu, 11 Aug 2022 23:10:09 GMT
hp
in.xr117.xyz/
382 B
616 B
Script
General
Full URL
https://in.xr117.xyz/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.193.146.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-146-82.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:09 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hp
in.bd44.fun/
382 B
616 B
Script
General
Full URL
https://in.bd44.fun/hp
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Aug 2021 17:21:09 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
tagstaticx.com/
38 KB
14 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789421e97c465f7367c2c16bad228afc0d9211d9ff3c949b7ef88b72e9fc30db

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 11:17:33 GMT
server
cloudflare
age
734
etag
W/"610d1a4d-97e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2%2B3IuCHZE935N0vx1LbSGA%2FQey9RLUVmw5sSzAOK3SPNx0vC0zh%2FZRApbD7025gJdqWVrCAERtjOSt9dtxGmKDc6Xfa25I7DFMMdfMulQVjavLADwPm%2FOiRL4oFrAmLz7y6EyePC%2Fg1OH2kxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67d32381be591f3d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
111 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d557da70d84a705a3f6ea1e66d5ab3d28774e2deed68caa5ea617d84a97d73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42030
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 16:21:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Aug 2021 17:21:09 GMT
j.php
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.9798388724043334
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
cfdf60443074ac77f62bb4e2e08b063402a7911267d91eb21e916b57d614a903

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Aug 2021 17:21:09 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bg-pattern2.png
static-13333.kxcdn.com/5275/images/
3 KB
4 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/bg-pattern2.png
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0dbbd4b1f92b5f123bb6d85da5224dbac1ef2873359ae63159fbd8c1d8aee472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx00000000000000491e693-0060df2731-12e87130-fra1a
x-edge-location
defr
x-cache
HIT
content-length
3494
last-modified
Fri, 02 Jul 2021 14:32:28 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"9ff60a873ce8a83d6f92c07bbb97461d"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
money-bg.jpg
static-13333.kxcdn.com/5275/images/
192 KB
193 KB
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/money-bg.jpg
Requested by
Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/5275/build/funnel.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6d6b0b2b3ce3ec690491ad53348667285877a284d43a58bae67219df3128c453
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://static-13333.kxcdn.com/5275/build/funnel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx0000000000000048fd245-0060df2533-12ed1804-fra1a
x-edge-location
defr
x-cache
HIT
content-length
196622
last-modified
Fri, 02 Jul 2021 14:32:29 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"00484ef568e5c529bc92d2698631954b"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
accept-ranges
bytes
expires
Thu, 11 Aug 2022 23:10:09 GMT
de-1.mp4
static-13333.kxcdn.com/5275/media/
64 KB
0
Media
General
Full URL
https://static-13333.kxcdn.com/5275/media/de-1.mp4
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tgfunnls.org/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
tx000000000000004a44bcc-0060f54e68-141c7b61-fra1a
x-edge-location
defr
x-cache
HIT
Content-Range
bytes 0-124690623/124690624
Content-Length
124690624
last-modified
Fri, 02 Jul 2021 14:32:03 GMT
server
keycdn-engine
cache-control
max-age=31556940
etag
"c8811d0b7aa283893d6ec2a19899685f-24"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
video/mp4
access-control-allow-origin
*
x-rgw-object-type
Normal
expires
Thu, 11 Aug 2022 23:10:09 GMT
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C8Y8V9BH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54972390dbaf659b943502bd6ef8dd2b6d1b65a8b8fe1b1aa0bf2a51783054de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51223
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:09 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSK8GMG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
448
date
Wed, 11 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 11 Aug 2021 19:13:41 GMT
hotjar-2304105.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Requested by
Host: tchfunnls.org
URL: https://tchfunnls.org/code-v2/?hitid=w9ice5h00mfanhm9ifuh2q7u&qze=3&aff_sub=HD9&aff_sub2=QAMG_DE_DAILY_DE-CUR-003&aff_sub3=&aff_sub4=QAMG&tpsiteid=24232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-13.mrs52.r.cloudfront.net
Software
/
Resource Hash
4a044fd575b013f78be86ccf3f88b9bf6ccc3b808e1e36fa94e1c24561b1e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
50
etag
W/554685d5ec4d98228a799f0133f25b2b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
je8qaPI25dZ1GoS3cdLkNU03Pmz-jmxQLZQkqQupBlCq-4B1GZ3FNA==
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
10367682299435883224
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 17:21:09 GMT
version.js
tagdatax.com/
57 B
260 B
Script
General
Full URL
https://tagdatax.com/version.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
01a1c417dc936f998e2d2b78723622a154c0c415ec68e565205d9991d8e0783b

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:09 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ea5e6ce0b140a4f34e0791217b3394703c095156bbf31c2502a506b4e02ce6d7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tgfunnls.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdatax.com/
28 B
617 B
Fetch
General
Full URL
https://tagdatax.com/pix.jpg
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 17:21:09 GMT
Server
nginx/1.19.10
Etag
8b77b56c-3c47-4db1-88d4-8756cec2394c
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:09 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:09 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:09 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:09 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
expires
Wed, 11 Aug 2021 17:21:09 GMT
tag-bf6f0d1e23328bedfed484057578ca4b.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
213 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=449005&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&f=1&r=0.9798388724043334
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
1b4a787886c9e27adac2fee0f721641106ad5349fec6a0afb34197849a5a7d0a

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:44 GMT
server
gams1
etag
"6113de9c-f358"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62296
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=449005&d=tgfunnls.org&u=D591E9BA78133DD1836C43142E2B35DD3&h=b8cc1a348164eebbfad543469dbd91fb&t=false&r=0.8405691300048708
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 17:21:09 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
locate
tgfunnls.org/
150 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/locate
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126f29647a5fd666abd70f0bfe4f9a9b972c2e385e09554cf2fea5ffe35f62fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0=
accept-language
en-US
sec-fetch-dest
empty
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D
:path
/locate
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3n7a9MORqDi6BueD47m4C8ioQTWrejd6LK0IPEktrmwjBl%2FOZ9E%2B%2BEoZ9FhqrWKlxcpwz1i%2BTm%2BmyDzCZgq%2F%2FTRDOhmN6Ss2B0jdeTKPMKB6JMuv3CrcOl7yidN%2BUo6QbJI0Vtyi9SJqKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImY2Rlo2cEFNRzYwbExEYWJTXC8wb2hBPT0iLCJ2YWx1ZSI6IlQ2ZHp6ck9MeUJYSU9SWmlDSlhnclJXTVhiUERDTFwvSGVPT2NtUndFSGZXTFFoOUp4XC9keTh5MG9yVjZjcmdWKyIsIm1hYyI6IjM2ODAzOGM2NzBmYmZiMDJlYzM2ZDYxY2JhN2NmZTcxZTA2NTlmYjJhOTQ5ZjVlNDMxZWIyMTdhM2RhOTc4YjIifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:09 GMT; Max-Age=7200; path=/ c=eyJpdiI6InhDSmVQY24wayt4XC9EY0xvbm5MN0xnPT0iLCJ2YWx1ZSI6IkFtVFJiWlZmTUwzRlwvcVE2NFhmOFZHN1J3aFkzRVFRV2xqdStZdkIzbG0xUUJhQkFXZHJsMmZXYkFFbFNuc0gwIiwibWFjIjoiYmJlMGQ3YWU4ZWRlODA4MzQ1YjUwMDZjYzgxYzgxYjBiOWI4ZWY4OWRiYTg5YjcwNGRiOWYyNjRlMTJlYTQ4ZSJ9; expires=Wed, 11-Aug-2021 19:21:09 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d3238239f51f15-FRA
flags.png
tgfunnls.org/images/vendor/intl-tel-input/build/
69 KB
70 KB
Image
General
Full URL
https://tgfunnls.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma
no-cache
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702468.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6IlB3d1ZcLzNzUkRQSUYrMncxdFVLdmZnPT0iLCJ2YWx1ZSI6IjZHWGtXU1pOM1draVEwMXo3Vm91aUFLS2VybkY4cVpvS1FOdWlDUytSV09GRDV2eVNQWjJiTHVCbUVIMFU2dUEiLCJtYWMiOiIyZWJhZDMwMDZjMjhlODA3NzZhZDViMGM4ZTc3YjNhMjEzYWI5YTIxMmE5OTI0YjFkYmM5YjdkZDNmYTRjZTFlIn0%3D; c=eyJpdiI6IitiSU4xOGFMSmRKWUJBZ0hIZyttb0E9PSIsInZhbHVlIjoibndZa3NVMzN3MjdLaXVDQnlqZjJ5UTlkUWo3enFkSVRRSDBNT3BWdEFSUUJKV3Y2eHljVUJEQ3pRdVd5NkdnNiIsIm1hYyI6ImI4MGQ1Yzc5NzBlNDAwZmE5MGRhOGJhY2NhMTQ0ZWQzNDg0MGJlMTJkZTY0YzM5ZTkzOTdlODUyMGU5NGU0NjYifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tgfunnls.org
referer
https://tgfunnls.org/css/forms.css?id=108aa07ef4cadffb88ba
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
2
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
881
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
70857
x-xss-protection
1; mode=block
last-modified
Mon, 09 Aug 2021 14:29:19 GMT
server
cloudflare
etag
"61113bbf-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnOqfoi%2FnAkqgCAHjGqkqIscWYtMCDcpx1gbxJJsbUipZGP5z0pyBjLamY0I%2BeMKFe5OeNp%2FbIIpA9ZOgSmmt3l8N1ZFb4gwg7xB%2FBSZnhA%2Fo2919O%2B4OTY%2FatZrk%2FWaD5LLciENKEgqfOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67d3238249f81f15-FRA
add
tagdataxrt.com/ir/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:09 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/ir/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:09 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
c3550845-0582-4ba4-b118-cbc54113abd9
https://tgfunnls.org/
31 B
0
Other
General
Full URL
blob:https://tgfunnls.org/c3550845-0582-4ba4-b118-cbc54113abd9
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
videothumbnail-1.png
static-13333.kxcdn.com/5275/images/
0
0
Image
General
Full URL
https://static-13333.kxcdn.com/5275/images/videothumbnail-1.png
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://tgfunnls.org
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
etag
tagdataxrt.com/
0
537 B
Fetch
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:09 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
0
etag
tagdataxrt.com/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:09 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=206367576&t=pageview&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&ul=en-us&de=UTF-8&dt=Daily%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1774276706.1628702465&tid=UA-192660002-1&_gid=1730464773.1628702465&gtm=2wg891MSK8GMG&z=527884259
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Aug 2021 23:41:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63569
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-34.mrs52.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
529384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9xULEJD11-mZMy0uADp4oL_yEFau-Kw8Qk3D-taPCTs4lDfbliY_yw==
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=3&vn=7.0&r=0.01840535936549048&u=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:08 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/
572 B
397 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=449005&settings_type=1&vn=7.0&r=0.12690008634310357
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
31042bafbba3ee3bae8f21d8d8744230a7c558630068c64e1e5ecb4721ab3910

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame EB5C
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2304105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tgfunnls.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
qh8uqwpgHPIAhFv0Ofwo4L44aKoTzEcH22dbM3ju6wWtGYVZM_Rctw==
age
2135079
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-bf6f0d1e23328bedfed484057578ca4b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
br
last-modified
Wed, 11 Aug 2021 14:28:43 GMT
server
gams1
etag
"6113de9b-133"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307
via
1.1 google
a3a7b431bde66f8790628956fd6a9e14.js
cdn.pushcrew.com/js/
248 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/a3a7b431bde66f8790628956fd6a9e14.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.183.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a74b97179203cf3de9b255635c3927c34791cabfe69261cc8d1235c13315e78

Request headers

Origin
https://tgfunnls.org
Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 08:48:27 GMT
server
nginx
etag
W/"60cc5ddb-3e05c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
alt-svc
clear
via
1.1 google
expires
Wed, 11 Aug 2021 17:51:09 GMT
event
tgfunnls.org/
2 B
1 KB
XHR
General
Full URL
https://tgfunnls.org/event?hitid={clickId}
Requested by
Host: tgfunnls.org
URL: https://tgfunnls.org/js/l.js?id=6cf7b69175b2a676ebf3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:30ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tgfunnls.org
x-xsrf-token
eyJpdiI6ImY2Rlo2cEFNRzYwbExEYWJTXC8wb2hBPT0iLCJ2YWx1ZSI6IlQ2ZHp6ck9MeUJYSU9SWmlDSlhnclJXTVhiUERDTFwvSGVPT2NtUndFSGZXTFFoOUp4XC9keTh5MG9yVjZjcmdWKyIsIm1hYyI6IjM2ODAzOGM2NzBmYmZiMDJlYzM2ZDYxY2JhN2NmZTcxZTA2NTlmYjJhOTQ5ZjVlNDMxZWIyMTdhM2RhOTc4YjIifQ==
accept-language
en-US
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
_vwo_uuid_v2=D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb; _gid=GA1.2.1730464773.1628702465; _gat_UA-192660002-1=1; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _hjid=369877cb-452c-44c4-9465-fc151a256304; _hjFirstSeen=1; _ga_Y6C8Y8V9BH=GS1.1.1628702465.1.1.1628702469.0; _ga=GA1.1.1774276706.1628702465; XSRF-TOKEN=eyJpdiI6ImY2Rlo2cEFNRzYwbExEYWJTXC8wb2hBPT0iLCJ2YWx1ZSI6IlQ2ZHp6ck9MeUJYSU9SWmlDSlhnclJXTVhiUERDTFwvSGVPT2NtUndFSGZXTFFoOUp4XC9keTh5MG9yVjZjcmdWKyIsIm1hYyI6IjM2ODAzOGM2NzBmYmZiMDJlYzM2ZDYxY2JhN2NmZTcxZTA2NTlmYjJhOTQ5ZjVlNDMxZWIyMTdhM2RhOTc4YjIifQ%3D%3D; c=eyJpdiI6InhDSmVQY24wayt4XC9EY0xvbm5MN0xnPT0iLCJ2YWx1ZSI6IkFtVFJiWlZmTUwzRlwvcVE2NFhmOFZHN1J3aFkzRVFRV2xqdStZdkIzbG0xUUJhQkFXZHJsMmZXYkFFbFNuc0gwIiwibWFjIjoiYmJlMGQ3YWU4ZWRlODA4MzQ1YjUwMDZjYzgxYzgxYjBiOWI4ZWY4OWRiYTg5YjcwNGRiOWYyNjRlMTJlYTQ4ZSJ9
content-length
188
:path
/event?hitid={clickId}
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tgfunnls.org
referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/plain, */*
Referer
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}
X-XSRF-TOKEN
eyJpdiI6ImY2Rlo2cEFNRzYwbExEYWJTXC8wb2hBPT0iLCJ2YWx1ZSI6IlQ2ZHp6ck9MeUJYSU9SWmlDSlhnclJXTVhiUERDTFwvSGVPT2NtUndFSGZXTFFoOUp4XC9keTh5MG9yVjZjcmdWKyIsIm1hYyI6IjM2ODAzOGM2NzBmYmZiMDJlYzM2ZDYxY2JhN2NmZTcxZTA2NTlmYjJhOTQ5ZjVlNDMxZWIyMTdhM2RhOTc4YjIifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 11 Aug 2021 17:21:09 GMT
x-proc
1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awMGbzJNGoO51FXOsjN4ovJUul7%2FxslhdBqqGx9FugaMn4nqsVUb5m6NpkZY%2Fra4ZqMdS4a0suY6weDmV5JAc4Y1ipEwrxmUmR08hVwplLoh2goW7GHdVlA%2FQJz6L6O93lIWP6OQ7zolVSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tgfunnls.org
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlJmOG9TWjR1dmViMDluT29Eb1Z2UkE9PSIsInZhbHVlIjoiSE9KamY2K25DXC8wSnozbFBtQndYUzlcLzIxZ2g2UThRRmQ3UFVNdmQ0V1QrVjNoaFN2K3BFbVo4S2pOK01EYVlUIiwibWFjIjoiMjgyOGJmNmE3OTczMzdmMjI5ZDRhZjc2N2RhZWE2MTU3Y2Q0ZjgxMzhjYzNiOTUwNmIxOWFjYzIxNDhiODRiMyJ9; expires=Wed, 11-Aug-2021 19:21:09 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImthalZRS2FrdnBNSUFEaUF6OEIxVVE9PSIsInZhbHVlIjoiNEZQSDF0YUYxXC82UEpTQXRjaHdOc2RCXC91cXN0amkyR1wvQ1hlZFo3RllER3VWMUNJcUhoaXRaN1ZRaDVNUWdWWSIsIm1hYyI6ImNlZWRkMWNjYjc2MTNmNDg2OTdjNDg3OGFmNjAwZjg0YzY0NDEyMzQ1MmQwOThmZTc2ZTFiNGUxZDhhYWIzNjIifQ%3D%3D; expires=Wed, 11-Aug-2021 19:21:09 GMT; Max-Age=7200; path=/; httponly
cf-ray
67d323833baf1f15-FRA
add
tagdataxrt.com/log/ Frame
0
0
Preflight
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Protocol
HTTP/1.1
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tgfunnls.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Wed, 11 Aug 2021 17:21:09 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/log/
12 B
597 B
Fetch
General
Full URL
https://tagdataxrt.com/log/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tgfunnls.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Wed, 11 Aug 2021 17:21:09 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tgfunnls.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
add
tagdataxrt.com/time_visit/
0
0

/
tgfunnls.org/dly1st/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tgfunnls.org
URL
https://tgfunnls.org/event?hitid={clickId}
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=468461844&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702457&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=584243312&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702457&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=1068516356&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702457&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=396336338&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702457&sct=1&seg=1&en=page_view
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=1777384632&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702457&sct=1&seg=1&en=page_view
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=1070057115&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702457&sct=1&seg=1&en=page_view
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=706538002&sr=1600x1200&ul=en-us&cid=799450672.1628702457&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702457&sct=1&seg=1&en=page_view
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=1176251191&sr=1600x1200&ul=en-us&cid=1774276706.1628702465&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702465&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=657807782&sr=1600x1200&ul=en-us&cid=1774276706.1628702465&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702465&sct=1&seg=1&en=page_view
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C8Y8V9BH&gtm=2oe891&_p=1628673055&sr=1600x1200&ul=en-us&cid=1774276706.1628702465&_s=1&dl=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dr=https%3A%2F%2Ftgfunnls.org%2Fdly1st%2F%3Fhitid%3D%7BclickId%7D%26qze%3D7%26aff_sub%3D%7BcustomId1%7D%26aff_sub2%3D%7BcustomId2%7D&dt=Daily%20Profit&sid=1628702465&sct=1&seg=1&en=page_view
Domain
tagdataxrt.com
URL
https://tagdataxrt.com/time_visit/add?cid=8986ccc2-2e26-47a9-9229-e20b23e914d5
Domain
tgfunnls.org
URL
https://tgfunnls.org/dly1st/?hitid={clickId}&qze=7&aff_sub={customId1}&aff_sub2={customId2}


57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| s object| dataLayer number| settings_timer number| _vwo_settings_timer object| _vwo_code function| RegistrationFlow object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp function| _ object| intlTelInputGlobals object| intlTelInputUtils object| tracker object| vttjs function| WebVTT string| AFKClickUrl object| container object| link object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

11 Cookies

Domain/Path Name / Value
tgfunnls.org/ Name: c
Value: eyJpdiI6InhDSmVQY24wayt4XC9EY0xvbm5MN0xnPT0iLCJ2YWx1ZSI6IkFtVFJiWlZmTUwzRlwvcVE2NFhmOFZHN1J3aFkzRVFRV2xqdStZdkIzbG0xUUJhQkFXZHJsMmZXYkFFbFNuc0gwIiwibWFjIjoiYmJlMGQ3YWU4ZWRlODA4MzQ1YjUwMDZjYzgxYzgxYjBiOWI4ZWY4OWRiYTg5YjcwNGRiOWYyNjRlMTJlYTQ4ZSJ9
.tgfunnls.org/ Name: _ga_Y6C8Y8V9BH
Value: GS1.1.1628702465.1.1.1628702469.0
tgfunnls.org/ Name: XSRF-TOKEN
Value: eyJpdiI6ImY2Rlo2cEFNRzYwbExEYWJTXC8wb2hBPT0iLCJ2YWx1ZSI6IlQ2ZHp6ck9MeUJYSU9SWmlDSlhnclJXTVhiUERDTFwvSGVPT2NtUndFSGZXTFFoOUp4XC9keTh5MG9yVjZjcmdWKyIsIm1hYyI6IjM2ODAzOGM2NzBmYmZiMDJlYzM2ZDYxY2JhN2NmZTcxZTA2NTlmYjJhOTQ5ZjVlNDMxZWIyMTdhM2RhOTc4YjIifQ%3D%3D
.tgfunnls.org/ Name: _hjFirstSeen
Value: 1
.tgfunnls.org/ Name: _vis_opt_s
Value: 1%7C
.tgfunnls.org/ Name: _vis_opt_test_cookie
Value: 1
.tgfunnls.org/ Name: _ga
Value: GA1.1.1774276706.1628702465
.tgfunnls.org/ Name: _gid
Value: GA1.2.1730464773.1628702465
.tgfunnls.org/ Name: _gat_UA-192660002-1
Value: 1
.tgfunnls.org/ Name: _hjid
Value: 369877cb-452c-44c4-9465-fc151a256304
.tgfunnls.org/ Name: _vwo_uuid_v2
Value: D591E9BA78133DD1836C43142E2B35DD3|b8cc1a348164eebbfad543469dbd91fb

2 Console Messages

Source Level URL
Text
console-api log URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js(Line 1)
Message:
Push notifications powered by Aimtell. Learn more at https://aimtell.com/developers
console-api error URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js(Line 1)
Message:
[aimtell] Browser does not support push

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
