exctransfers.com Open in urlscan Pro
35.184.135.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u19375462.ct.sendgrid.net/ls/click?upn=iMJas8il7Q6piI2RasKsSB-2Bwo3ZpMIpQigH9HMSRTeEPagR50g5SMw014Qb9cLLjP7Tl-2FA333iug6ll...
Effective URL:
https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Submission: On October 19 via api (October 19th 2021, 6:39:45 pm UTC) from US — Scanned from DE

Summary HTTP 37 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 35.184.135.168, located in United States and belongs to GOOGLE, US. The main domain is exctransfers.com.
TLS certificate: Issued by R3 on September 12th 2021. Valid for: 3 months.

This is the only time exctransfers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
23	35.184.135.168 35.184.135.168	15169 (GOOGLE) (GOOGLE)
1	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
2	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	64.233.166.155 64.233.166.155	15169 (GOOGLE) (GOOGLE)
2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
2	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
37	11

1 167.89.115.121 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u19375462.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 35.184.135.168 (United States)

ASN15169 (GOOGLE, US)
PTR: 168.135.184.35.bc.googleusercontent.com

exctransfers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	exctransfers.com exctransfers.com	555 KB
2	facebook.com www.facebook.com	515 B
2	facebook.net connect.facebook.net	170 KB
2	google.de www.google.de	676 B
2	google.com www.google.com	676 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	googletagmanager.com www.googletagmanager.com	51 KB
1	sendgrid.net 1 redirects u19375462.ct.sendgrid.net	315 B
37	10

	Domain	Requested by
23	exctransfers.com	exctransfers.com
2	www.facebook.com	exctransfers.com
2	connect.facebook.net	exctransfers.com connect.facebook.net
2	www.google.de	exctransfers.com
2	www.google.com	exctransfers.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	exctransfers.com
1	u19375462.ct.sendgrid.net	1 redirects
37	11

This site contains links to these domains. Also see Links.

Domain
admin.exctransfers.com

Subject Issuer	Validity	Valid
exctransfers.com R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Frame ID: CDD07E380DD4E074B1FD367209C3F5C5
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Auto/Home leads: High Quality, High Volume High Close Ratio. Live Transferred to Your Phones.

Page URL History Show full URLs

https://u19375462.ct.sendgrid.net/ls/click?upn=iMJas8il7Q6piI2RasKsSB-2Bwo3ZpMIpQigH9HMSRTeEPagR50g5SMw014Qb9c... HTTP 302
https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

37
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

814 kB
Transfer

1627 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://admin.exctransfers.com/call-manager-login.php
Title: LOG IN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u19375462.ct.sendgrid.net/ls/click?upn=iMJas8il7Q6piI2RasKsSB-2Bwo3ZpMIpQigH9HMSRTeEPagR50g5SMw014Qb9cLLjP7Tl-2FA333iug6llR3ZKZkdBPEes-2BuvJQy-2BLIFhARSPmIRAMvLIOfn6MBUl4bv5RWYL-2BuMbDqxSjCJOJqshR-2FUdZ9fvTW4uz0gCtnMoT93-2B0-3D2ks7_-2FBkQsH0b48ZDL1ZHS3JUIDqlqUuts-2BQKGZcMskzbDAHpJ1-2FbYG-2FJ27rivdPXv2I43Kv6VvwuCCmplo8-2FPn4VUhzVNwhju2FyQGix39VqecHEv74s5XsErZQFrTxLROBPzglwVihVBUogkKXXfSuUBk5vmdk3mUPgAsNLvvbi2m1JiOtHmKt-2BTamB4nuHKMHcDqM8hm2Mvf8V3JqL6q5MPjHGf4xq2BA47U-2BKb7kFcsPvb52eCCj-2BT4Z88bGW-2BYm-2F HTTP 302
https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
exctransfers.com/
Redirect Chain

https://u19375462.ct.sendgrid.net/ls/click?upn=iMJas8il7Q6piI2RasKsSB-2Bwo3ZpMIpQigH9HMSRTeEPagR50g5SMw014Qb9cLLjP7Tl-2FA333iug6llR3ZKZkdBPEes-2BuvJQy-2BLIFhARSPmIRAMvLIOfn6MBUl4bv5RWYL-2BuMbDqxSjC...
https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

135 KB
91 KB

415ms
157ms

Document
text/html

35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4513312cf610c7f997dad8119a56933dab08895b68ae79a40bf6ab1c4112e23c

Request headers

Host: exctransfers.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 19 Oct 2021 18:39:39 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: max-age=0, no-cache
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; expires=Tue, 19-Oct-2021 20:39:39 GMT; Max-Age=7200; path=/ exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; expires=Tue, 19-Oct-2021 20:39:39 GMT; Max-Age=7200; path=/; httponly
Vary: Accept-Encoding
X-Mod-Pagespeed: 1.13.35.2-0
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Server: nginx
Date: Tue, 19 Oct 2021 18:39:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
Location: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK logo.png
exctransfers.com/images/ 2 KB
3 KB 645ms
118ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exctransfers.com/images/logo.png

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

d31f36cd99cb9d355cf77cb86352dce3e3b9d01695b4f11d4bfe7277d1ae2b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 5787
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"PSA-aj-iraEkS0ojX-gzip"
Vary: User-Agent,Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=30751234, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2567
Expires: Mon, 10 Oct 2022 16:40:15 GMT

GET
H/1.1 200
OK small-logo.png
exctransfers.com/images/ 1 KB
2 KB 711ms
118ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exctransfers.com/images/small-logo.png

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

8bc310fbe659f2391b5837c41f5d6c3e64bd13d782ff638b1293332265be6d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 1436
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"PSA-aj-cLbljLqvRR-gzip"
Vary: User-Agent,Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=30079757, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1159
Expires: Sun, 02 Oct 2022 22:08:58 GMT

GET
H/1.1 200
OK webfa-regular-400.woff2
exctransfers.com/fonts/vendor/@fortawesome/fontawesome-free/ 13 KB
13 KB 354ms
119ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:05 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "33dc-5c95cf4d28d2b-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13299
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H/1.1 200
OK GothamRounded-Medium.woff2
exctransfers.com/fonts/ 20 KB
21 KB 354ms
118ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/GothamRounded-Medium.woff2
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 546c2394855dd659b7fd0f7e7ff7d49cbc4f449526c87a970302ae7e9fb91ae9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "514c-5c95cf4ace3b8-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20835
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H/1.1 200
OK GothamRounded-Light.woff2
exctransfers.com/fonts/ 19 KB
19 KB 356ms
120ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/GothamRounded-Light.woff2
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 1489f10b85e55c354e671e29e7e9bcaa2c4cc7fb59c14290472a00177373b1e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4adc-5c95cf4ab0eee-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19187
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H/1.1 200
OK GothamRounded-Bold.woff2
exctransfers.com/fonts/ 19 KB
19 KB 361ms
121ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/GothamRounded-Bold.woff2
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2b0b49fd0de0940eb6c062a52cb6f6558cefd1c54784ae9de435a84f2d3328b0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4c3c-5c95cf4a949c4-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19539
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H/1.1 200
OK app.min.css
exctransfers.com/css/ 32 KB
8 KB 352ms
118ms Stylesheet
text/css 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

8f4ba76875131403c1065fd7341a5a50c9c92c48330daf4c0945ee4da473c04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 32540
Server: Apache/2.4.18 (Ubuntu)
ETag: "7f1c-5cbbea4c3c6bc-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=378432000, public
Last-Modified: Sat, 11 Sep 2021 21:09:12 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7409
Expires: Wed, 12 Oct 2033 16:40:15 GMT

GET
H/1.1 200
OK app.min.js Show response
exctransfers.com/js/ 171 KB
52 KB 405ms
118ms Script
application/javascript 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://exctransfers.com/js/app.min.js?id=a4e58a497f111497731e

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

6283608f843474d54c6fcac561ce26c7cfa15be3dc1adef8dcb75129118bf26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 175408
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"PSA-aj-2AvxNXh5gt"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=377819046, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 52680
Expires: Sun, 09 Oct 2033 16:23:47 GMT

GET
H/1.1 200
OK header.png
exctransfers.com/images/ 40 KB
40 KB 120ms
119ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exctransfers.com/images/header.png?v=3

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

f31eb22220a5f6893ddcc7e91c061efe9a1d5e12a447dc1133aa3646fe67abbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 51937
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"PSA-aj-TTSN583nnc-gzip"
Vary: User-Agent,Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=28930541, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 40794
Expires: Mon, 19 Sep 2022 14:55:22 GMT

GET
H/1.1 200
OK how-it-works.png
exctransfers.com/images/ 16 KB
14 KB 120ms
120ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exctransfers.com/images/how-it-works.png?v=2

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

20f752fb49f49b91278f6b2b865f6e5df90be7ced6023a8e2dc551f7e1141a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 47024
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"PSA-aj-kQfC9iJ3GL-gzip"
Vary: User-Agent,Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=30079758, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 14031
Expires: Sun, 02 Oct 2022 22:08:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
51 KB 113ms
53ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3XB58W

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1d3af619ea37b5428388f33d0dcfd6cb5a0335a46dc2395aa531dc0f4e6e9e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 18:39:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52182
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Oct 2021 18:39:40 GMT

GET
H/1.1 200
OK 1.JiBnMqyl6S.gif
exctransfers.com/pagespeed_static/ 53 B
353 B 119ms
119ms Image
image/gif 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exctransfers.com/pagespeed_static/1.JiBnMqyl6S.gif

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Oct 2021 18:39:40 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 53

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31f36cd99cb9d355cf77cb86352dce3e3b9d01695b4f11d4bfe7277d1ae2b17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 70ms
21ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3XB58W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 2314
date: Tue, 19 Oct 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 19 Oct 2021 20:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 94ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3XB58W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 18:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14430
x-xss-protection: 0
server: cafe
etag: 16924264664223707549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 18:39:40 GMT

GET
H/1.1 200
OK xborder-white.png,qv=2.pagespeed.ic.L5JZ1xW_Nh.webp
exctransfers.com/images/ 42 B
503 B 207ms
118ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exctransfers.com/images/xborder-white.png,qv=2.pagespeed.ic.L5JZ1xW_Nh.webp
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 24139f3bb8bdf41f6054aa9798cb6d602b7d62f33091ab13f260ae92277a2978

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
X-Original-Content-Length: 83
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0"
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Last-Modified: Fri, 15 Oct 2021 18:03:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://exctransfers.com/images/border-white.png?v=2>; rel="canonical"
Content-Length: 42
Keep-Alive: timeout=5, max=99
Expires: Sat, 15 Oct 2022 18:03:59 GMT

GET
DATA 200
OK truncated
/ 65 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 496d2c924c0647ce12a0313f75281b5133a06fc994b022275e0b5c2c9bf41c35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 29ms
28ms XHR
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1378240219&t=pageview&_s=1&dl=https%3A%2F%2Fexctransfers.com%2F%3Futm_source%3Demail-2-allfarm%26utm_campaign%3Dmarch7%26utm_medium%3Demail%26utm_content%3Djoesemail&ul=en-us&de=UTF-8&dt=Auto%2FHome%20leads%3A%20High%20Quality%2C%20High%20Volume%20High%20Close%20Ratio.%20Live%20Transferred%20to%20Your%20Phones.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=174468243&gjid=1994599772&cid=614480435.1634668780&tid=UA-183252542-1&_gid=454422163.1634668780&_r=1&gtm=2wgai0K3XB58W&z=984548157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exctransfers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 18:39:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exctransfers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 540x299xpricing.png,qv=2.pagespeed.ic.dDZBzMrfi-.webp
exctransfers.com/images/ 74 KB
75 KB 119ms
119ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exctransfers.com/images/540x299xpricing.png,qv=2.pagespeed.ic.dDZBzMrfi-.webp
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5bcbc929e2834f58b1450147e1e148b69c2e3ab6dce876175a7da3f99ba0b78d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Original-Content-Length: 408701
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Last-Modified: Mon, 11 Oct 2021 17:04:43 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://exctransfers.com/images/pricing.png?v=2>; rel="canonical"
Keep-Alive: timeout=5, max=96
Expires: Tue, 11 Oct 2022 17:04:43 GMT

GET
H/1.1 200
OK xborder-blue.png,qv=2.pagespeed.ic.3B-zflVzoK.webp
exctransfers.com/images/ 42 B
502 B 119ms
118ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exctransfers.com/images/xborder-blue.png,qv=2.pagespeed.ic.3B-zflVzoK.webp
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b3922f46730ea89f13a3d7779b36abb27a5a0fc807e5a21bd2736299ccfdd4a8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
X-Original-Content-Length: 83
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0"
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Last-Modified: Fri, 15 Oct 2021 18:03:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://exctransfers.com/images/border-blue.png?v=2>; rel="canonical"
Content-Length: 42
Keep-Alive: timeout=5, max=97
Expires: Sat, 15 Oct 2022 18:03:59 GMT

GET
H/1.1 200
OK xhow-we-operate.png,qv=2.pagespeed.ic.hk5OnYy1UT.webp
exctransfers.com/images/ 74 KB
75 KB 120ms
119ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exctransfers.com/images/xhow-we-operate.png,qv=2.pagespeed.ic.hk5OnYy1UT.webp
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d808511ed5f1c2a12f20beb2c461180e6ddcad11dda9db9e280ac17c3cc783f9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Original-Content-Length: 86386
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Last-Modified: Tue, 12 Oct 2021 03:49:38 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://exctransfers.com/images/how-we-operate.png?v=2>; rel="canonical"
Keep-Alive: timeout=5, max=97
Expires: Wed, 12 Oct 2022 03:49:38 GMT

GET
H/1.1 200
OK 1519x300xfooter.png.pagespeed.ic.0CSx5cOEou.webp
exctransfers.com/images/ 6 KB
7 KB 119ms
118ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exctransfers.com/images/1519x300xfooter.png.pagespeed.ic.0CSx5cOEou.webp
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 1128f85489a928f8e45cdf5e23571805a5f5a9b04f19e10e5cc17c885f2abc75

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Original-Content-Length: 27075
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Last-Modified: Thu, 14 Oct 2021 14:50:17 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://exctransfers.com/images/footer.png>; rel="canonical"
Content-Length: 6305
Keep-Alive: timeout=5, max=96
Expires: Fri, 14 Oct 2022 14:50:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/475238981/ 2 KB
2 KB 92ms
37ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475238981/?random=1634668780398&cv=9&fst=1634668780398&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgai0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fexctransfers.com%2F%3Futm_source%3Demail-2-allfarm%26utm_campaign%3Dmarch7%26utm_medium%3Demail%26utm_content%3Djoesemail&tiba=Auto%2FHome%20leads%3A%20High%20Quality%2C%20High%20Volume%20High%20Close%20Ratio.%20Live%20Transferred%20to%20Your%20Phones.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9de156fab10dab5526a2aea28e2b42198d393b0042a3e94546dffc2868ce833a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 18:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef7388fa7251165a24bf42f909e17e37e27a4c96393eb3ee826a28f8dfdb5dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1a5b50168df1c50b68442a8b678e322bd6543b99c866b8d6d959f5fa78df47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK how-it-works-avatar.png
exctransfers.com/images/ 33 KB
33 KB 288ms
122ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exctransfers.com/images/how-it-works-avatar.png?v=2

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.135.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.135.184.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

579011a721c2a1077f3552eefbead7bbd1887fcdaa81830746cfdc9d8b1da689

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 37048
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"PSA-aj-tDMsGlsYxY-gzip"
Vary: User-Agent,Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=27757482, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33710
Expires: Tue, 06 Sep 2022 01:04:23 GMT

GET
H/1.1 200
OK 1519x616xhow-it-works.png,qv=2.pagespeed.ic.hVEh5eqfIX.webp
exctransfers.com/images/ 8 KB
9 KB 277ms
119ms Image
image/webp 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exctransfers.com/images/1519x616xhow-it-works.png,qv=2.pagespeed.ic.hVEh5eqfIX.webp
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 965b4b062f8ff96927949d7c9ce576c271cd0590b034027c0338daeef322a1c4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
X-Original-Content-Length: 47024
Server: Apache/2.4.18 (Ubuntu)
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Last-Modified: Tue, 19 Oct 2021 17:40:35 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://exctransfers.com/images/how-it-works.png?v=2>; rel="canonical"
Content-Length: 8635
Keep-Alive: timeout=5, max=99
Expires: Wed, 19 Oct 2022 17:40:35 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
463 B 63ms
21ms XHR
text/plain 64.233.166.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-183252542-1&cid=614480435.1634668780&jid=174468243&gjid=1994599772&_gid=454422163.1634668780&_u=YEBAAEAAAAAAAC~&z=100134131

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://exctransfers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 19 Oct 2021 18:39:40 GMT
content-type: text/plain
access-control-allow-origin: https://exctransfers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK GothamRounded-Bold.woff2
exctransfers.com/fonts/ 19 KB
19 KB 168ms
118ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/GothamRounded-Bold.woff2?c838783812174fabd5aa2b3c671df91c
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2b0b49fd0de0940eb6c062a52cb6f6558cefd1c54784ae9de435a84f2d3328b0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4c3c-5c95cf4a949c4-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19539
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H/1.1 200
OK GothamRounded-Medium.woff2
exctransfers.com/fonts/ 20 KB
21 KB 232ms
119ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/GothamRounded-Medium.woff2?7a714bc3ac5f2809733ab75565e1385c
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 546c2394855dd659b7fd0f7e7ff7d49cbc4f449526c87a970302ae7e9fb91ae9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "514c-5c95cf4ace3b8-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20835
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H/1.1 200
OK GothamRounded-Light.woff2
exctransfers.com/fonts/ 19 KB
19 KB 232ms
118ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/GothamRounded-Light.woff2?df95c176d9c37aa2db2b634714eca1bc
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 1489f10b85e55c354e671e29e7e9bcaa2c4cc7fb59c14290472a00177373b1e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4adc-5c95cf4ab0eee-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19187
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H/1.1 200
OK webfa-regular-400.woff2
exctransfers.com/fonts/vendor/@fortawesome/fontawesome-free/ 13 KB
13 KB 229ms
119ms Font
application/octet-stream 35.184.135.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://exctransfers.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2?f0f8230116992e521526097a28f54066
Requested by: Host: exctransfers.com
URL: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.184.135.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 168.135.184.35.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://exctransfers.com
Accept-Encoding: gzip, deflate, br
Host: exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Cookie: XSRF-TOKEN=eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D; exctransfers_session=eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D; _gcl_au=1.1.1001409707.1634668780; _ga=GA1.2.614480435.1634668780; _gid=GA1.2.454422163.1634668780; _gat_UA-183252542-1=1
Connection: keep-alive
Referer: https://exctransfers.com/css/app.min.css?id=8147f0d8b221ba10a8ee
Origin: https://exctransfers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 18:39:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 13:46:05 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "33dc-5c95cf4d28d2b-gzip"
Vary: Accept-Encoding
Cache-Control: max-age=31104000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13299
Expires: Fri, 14 Oct 2022 18:39:40 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 98ms
44ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-183252542-1&cid=614480435.1634668780&jid=174468243&_u=YEBAAEAAAAAAAC~&z=269964486

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 18:39:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 94ms
45ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-183252542-1&cid=614480435.1634668780&jid=174468243&_u=YEBAAEAAAAAAAC~&z=269964486

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 18:39:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/475238981/ 42 B
569 B 83ms
34ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/475238981/?random=1634668780398&cv=9&fst=1634666400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgai0&sendb=1&frm=0&url=https%3A%2F%2Fexctransfers.com%2F%3Futm_source%3Demail-2-allfarm%26utm_campaign%3Dmarch7%26utm_medium%3Demail%26utm_content%3Djoesemail&tiba=Auto%2FHome%20leads%3A%20High%20Quality%2C%20High%20Volume%20High%20Close%20Ratio.%20Live%20Transferred%20to%20Your%20Phones.&async=1&fmt=3&is_vtc=1&random=1850474456&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 18:39:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/475238981/ 42 B
569 B 79ms
36ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/475238981/?random=1634668780398&cv=9&fst=1634666400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgai0&sendb=1&frm=0&url=https%3A%2F%2Fexctransfers.com%2F%3Futm_source%3Demail-2-allfarm%26utm_campaign%3Dmarch7%26utm_medium%3Demail%26utm_content%3Djoesemail&tiba=Auto%2FHome%20leads%3A%20High%20Quality%2C%20High%20Volume%20High%20Close%20Ratio.%20Live%20Transferred%20to%20Your%20Phones.&async=1&fmt=3&is_vtc=1&random=1850474456&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 18:39:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: bRc8vAw3Kfogu+tb+cnScY+1BSH/UkqWW0Go6lvC78UyJVIZQGfmRZ1r+JI2ntVDphYK+k+65dMEZRILX2YZNw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 19 Oct 2021 18:39:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 667721994120339 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 201ms
192ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/667721994120339?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

d8ca79062039ff69435d6ec775a537ac276f63352ce57e2b68299407cb2df3ba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: or1ZSkeXPvHRJDncQxATJRHj94rIuQ0Z0GMdQegafQ6XrMVB2Beendd+hyMmbxZUoNDCMpkyjopzcs+TvYprPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 19 Oct 2021 18:39:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
424 B 23ms
7ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=667721994120339&ev=PageView&dl=https%3A%2F%2Fexctransfers.com%2F%3Futm_source%3Demail-2-allfarm%26utm_campaign%3Dmarch7%26utm_medium%3Demail%26utm_content%3Djoesemail&rl=&if=false&ts=1634668780822&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634668780820.1525071831&it=1634668780566&coo=false&exp=p0&rqm=GET

Requested by

Host: exctransfers.com
URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 18:39:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 19 Oct 2021 18:39:40 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=667721994120339&ev=Microdata&dl=https%3A%2F%2Fexctransfers.com%2F%3Futm_source%3Demail-2-allfarm%26utm_campaign%3Dmarch7%26utm_medium%3Demail%26utm_content%3Djoesemail&rl=&if=false&ts=1634668781325&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Auto%2FHome%20leads%3A%20High%20Quality%2C%20High%20Volume%20High%20Close%20Ratio.%20Live%20Transferred%20to%20Your%20Phones.%22%2C%22meta%3Adescription%22%3A%22Auto%20%26%20Home%20insurance%20leads%20live%20transferred%20to%20your%20phones.%20High%20volume%20and%20high%20quality.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Auto%2FHome%20leads%3A%20High%20Quality%2C%20High%20Volume%20High%20Close%20Ratio.%20Live%20Transferred%20to%20Your%20Phones.%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fexctransfers.com%22%2C%22og%3Asite_name%22%3A%22https%3A%2F%2Fexctransfers.com%22%2C%22og%3Adescription%22%3A%22Auto%20%26%20Home%20insurance%20leads%20live%20transferred%20to%20your%20phones.%20High%20volume%20and%20high%20quality.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634668780820.1525071831&it=1634668780566&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://exctransfers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 18:39:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 19 Oct 2021 18:39:41 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
exctransfers.com/	1970-01-19 22:04:35	Name: XSRF-TOKEN Value: eyJpdiI6IkpZcmk3QTZiS29kTHlVWU5DRnBFdEE9PSIsInZhbHVlIjoiU0xGejdBdU10QnM4N2hEMmNwTXo0NlhWVWlCeG1JV2lXRUo2TU0wTzRwOTJqZWRxeG15UzFDODZYWmFOXC9IZVB3YndQQ3dIWGYxN1ZWbDNRZGhJXC8zWjFobTgyWGdVNXhZRDAzM0hRb01sd0s3M0NkbEZ3eFwvWXJQTm5NQWpBK2UiLCJtYWMiOiIzN2IzOGJkZTQxNjUxYmI0MTI4NGNiZDg5ZjEwZmQ2YjI5YzNmMTI3OTg1ZDM0NTdiNWZjZTdkNDgwYmIzNmYxIn0%3D
exctransfers.com/	1970-01-19 22:04:35	Name: exctransfers_session Value: eyJpdiI6ImdSN2Nic0xrRnZ2aWx1VTVyZGZjNnc9PSIsInZhbHVlIjoiXC9iaTQ2UkxCN3hvU0dhWUl3cCtVb08zclc0ZHlPVWpMU2l2M0JqVkg3M2tPK051cm0wNFEzckNOeTlCVFRLVUsrYWZmRkpieTAwN0kxeVwvcFRGT0xTajJhSEJ3NGd5d2tUa1NjcU5MUm1oWG5vc2o3elF0RDVpSnVodFRuRmJaTyIsIm1hYyI6IjkyYmZhMWZkMzEzNzhhM2JiNzcyZjA3Y2JlNmRmNmEwMTJhNmVmM2UzYmY4NzI4NGI1ZGZkMmI4MjlmOTQ4OGQifQ%3D%3D
.exctransfers.com/	1970-01-20 00:14:04	Name: _gcl_au Value: 1.1.1001409707.1634668780
.exctransfers.com/	1970-01-20 15:35:40	Name: _ga Value: GA1.2.614480435.1634668780
.exctransfers.com/	1970-01-19 22:05:55	Name: _gid Value: GA1.2.454422163.1634668780
.exctransfers.com/	1970-01-19 22:04:28	Name: _gat_UA-183252542-1 Value: 1
.doubleclick.net/	1970-01-19 22:04:29	Name: test_cookie Value: CheckForPermission
.exctransfers.com/	1970-01-20 00:14:04	Name: _fbp Value: fb.1.1634668780820.1525071831
.facebook.com/	1970-01-20 00:14:04	Name: fr Value: 05K2b3SJ18es6K95o..BhbxDs...1.0.BhbxDs.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail Message: The resource https://exctransfers.com/images/how-it-works.png?v=2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail Message: The resource https://exctransfers.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail Message: The resource https://exctransfers.com/fonts/GothamRounded-Light.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail Message: The resource https://exctransfers.com/fonts/GothamRounded-Bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail Message: The resource https://exctransfers.com/images/logo.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://exctransfers.com/?utm_source=email-2-allfarm&utm_campaign=march7&utm_medium=email&utm_content=joesemail Message: The resource https://exctransfers.com/fonts/GothamRounded-Medium.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
exctransfers.com
googleads.g.doubleclick.net
stats.g.doubleclick.net
u19375462.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.185.136
142.250.186.100
142.250.186.130
142.250.186.131
142.250.186.174
142.250.186.98
167.89.115.121
185.60.216.19
185.60.216.35
35.184.135.168
64.233.166.155
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1128f85489a928f8e45cdf5e23571805a5f5a9b04f19e10e5cc17c885f2abc75
1489f10b85e55c354e671e29e7e9bcaa2c4cc7fb59c14290472a00177373b1e8
1d3af619ea37b5428388f33d0dcfd6cb5a0335a46dc2395aa531dc0f4e6e9e7e
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
20f752fb49f49b91278f6b2b865f6e5df90be7ced6023a8e2dc551f7e1141a68
24139f3bb8bdf41f6054aa9798cb6d602b7d62f33091ab13f260ae92277a2978
2b0b49fd0de0940eb6c062a52cb6f6558cefd1c54784ae9de435a84f2d3328b0
4513312cf610c7f997dad8119a56933dab08895b68ae79a40bf6ab1c4112e23c
496d2c924c0647ce12a0313f75281b5133a06fc994b022275e0b5c2c9bf41c35
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
546c2394855dd659b7fd0f7e7ff7d49cbc4f449526c87a970302ae7e9fb91ae9
579011a721c2a1077f3552eefbead7bbd1887fcdaa81830746cfdc9d8b1da689
5bcbc929e2834f58b1450147e1e148b69c2e3ab6dce876175a7da3f99ba0b78d
6283608f843474d54c6fcac561ce26c7cfa15be3dc1adef8dcb75129118bf26d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8bc310fbe659f2391b5837c41f5d6c3e64bd13d782ff638b1293332265be6d94
8f4ba76875131403c1065fd7341a5a50c9c92c48330daf4c0945ee4da473c04e
965b4b062f8ff96927949d7c9ce576c271cd0590b034027c0338daeef322a1c4
9de156fab10dab5526a2aea28e2b42198d393b0042a3e94546dffc2868ce833a
aef7388fa7251165a24bf42f909e17e37e27a4c96393eb3ee826a28f8dfdb5dc
b3922f46730ea89f13a3d7779b36abb27a5a0fc807e5a21bd2736299ccfdd4a8
d31f36cd99cb9d355cf77cb86352dce3e3b9d01695b4f11d4bfe7277d1ae2b17
d808511ed5f1c2a12f20beb2c461180e6ddcad11dda9db9e280ac17c3cc783f9
d8ca79062039ff69435d6ec775a537ac276f63352ce57e2b68299407cb2df3ba
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1a5b50168df1c50b68442a8b678e322bd6543b99c866b8d6d959f5fa78df47
f31eb22220a5f6893ddcc7e91c061efe9a1d5e12a447dc1133aa3646fe67abbf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

exctransfers.com Open in urlscan Pro 35.184.135.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

0 %IPv6

10 Domains

11 Subdomains

11 IPs

2 Countries

814 kBTransfer

1627 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exctransfers.com Open in urlscan Pro
35.184.135.168 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

814 kB
Transfer

1627 kB
Size

9
Cookies

37 HTTP transactions
4 data transactions