www.amzdfy.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Opti...
Submission Tags: falconsandbox
Submission: On April 16 via api (April 16th 2021, 12:13:34 am UTC) from US

Summary HTTP 109 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 31 domains to perform 109 HTTP transactions. The main IP is 2606:4700::6810:fc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.amzdfy.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time www.amzdfy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700::68... 2606:4700::6810:fc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.185.191.84 18.185.191.84	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20e8:5e00:13:c079:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	54.174.91.45 54.174.91.45	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.200.87.115 18.200.87.115	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:f87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	99.84.156.18 99.84.156.18	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2620:1ec:46::19 2620:1ec:46::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.25.18 13.32.25.18	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0d::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2604:a880:800... 2604:a880:800:10::1b49:d001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	52.42.132.160 52.42.132.160	16509 (AMAZON-02) (AMAZON-02)
2	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
109	39

9 2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.amzdfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.191.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com

widget.manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:5e00:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.174.91.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-91-45.compute-1.amazonaws.com

142331.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.87.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-87-115.eu-west-1.compute.amazonaws.com

track.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f87 (United States)

ASN13335 (CLOUDFLARENET, US)

mccdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-18.txl52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2a3::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:46::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.25.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-18.fra56.r.cloudfront.net

tag.segmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:a880:800:10::1b49:d001 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

track.segmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.42.132.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-132-160.us-west-2.compute.amazonaws.com

gw.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	google-analytics.com www.google-analytics.com	22 KB
9	google.com www.google.com analytics.google.com	737 B
9	amzdfy.com www.amzdfy.com	374 KB
8	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	6 KB
7	google.de www.google.de	489 B
7	gstatic.com fonts.gstatic.com	140 KB
6	clarity.ms 1 redirects www.clarity.ms c.clarity.ms	22 KB
6	clickfunnels.com assets.clickfunnels.com app.clickfunnels.com	5 KB
5	facebook.net connect.facebook.net	246 KB
5	hyros.com 142331.tracking.hyros.com	12 KB
4	oribi.io cdn.oribi.io gw.oribi.io	36 KB
3	facebook.com www.facebook.com	686 B
3	bing.com 1 redirects bat.bing.com c.bing.com	9 KB
3	manychat.com widget.manychat.com manychat.com	5 KB
3	googleapis.com fonts.googleapis.com	4 KB
3	fontawesome.com use.fontawesome.com	92 KB
2	pinterest.com ct.pinterest.com	544 B
2	snapchat.com tr.snapchat.com	411 B
2	segmetrics.io tag.segmetrics.io track.segmetrics.io	14 KB
2	pinimg.com s.pinimg.com	18 KB
2	googletagmanager.com www.googletagmanager.com	131 KB
1	twitter.com analytics.twitter.com
1	t.co t.co	448 B
1	reddit.com alb.reddit.com	125 B
1	redditstatic.com www.redditstatic.com	7 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	sc-static.net sc-static.net	6 KB
1	mccdn.me mccdn.me	87 KB
1	addevent.com track.addevent.com
1	cloudflare.com cdnjs.cloudflare.com	14 KB
109	31

	Domain	Requested by
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.amzdfy.com
9	www.amzdfy.com	www.amzdfy.com
7	www.google.de	www.amzdfy.com
7	www.google.com	www.googletagmanager.com www.amzdfy.com
7	fonts.gstatic.com	fonts.googleapis.com
5	connect.facebook.net	www.amzdfy.com connect.facebook.net
5	142331.tracking.hyros.com	www.amzdfy.com 142331.tracking.hyros.com
5	app.clickfunnels.com	www.amzdfy.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	www.clarity.ms	www.amzdfy.com www.clarity.ms
3	www.facebook.com	www.amzdfy.com
3	gw.oribi.io	cdn.oribi.io
3	fonts.googleapis.com	www.amzdfy.com
3	use.fontawesome.com	www.amzdfy.com use.fontawesome.com
2	ct.pinterest.com	s.pinimg.com www.amzdfy.com
2	tr.snapchat.com	www.amzdfy.com
2	c.clarity.ms	1 redirects www.amzdfy.com
2	analytics.google.com	www.googletagmanager.com
2	manychat.com	mccdn.me
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	bat.bing.com	www.googletagmanager.com www.amzdfy.com
2	www.googletagmanager.com	www.amzdfy.com www.googletagmanager.com
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	www.amzdfy.com
1	track.segmetrics.io	tag.segmetrics.io
1	c.bing.com	1 redirects
1	alb.reddit.com	www.amzdfy.com
1	tag.segmetrics.io	www.amzdfy.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	mccdn.me	widget.manychat.com
1	track.addevent.com	www.amzdfy.com
1	cdn.oribi.io	www.amzdfy.com
1	assets.clickfunnels.com	www.amzdfy.com
1	widget.manychat.com	www.amzdfy.com
1	cdnjs.cloudflare.com	www.amzdfy.com
109	39

This site contains no links.

Subject Issuer	Validity	Valid
www.amzdfy.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
widget.manychat.com Sectigo ECC Domain Validation Secure Server CA	`2021-03-18` - `2022-04-18`	a year	crt.sh
ssl566619.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-04-06` - `2021-10-13`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
oribi.io Amazon	`2020-07-16` - `2021-08-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tracking.hyros.com Amazon	`2020-06-30` - `2021-07-30`	a year	crt.sh
addevent.com Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
mccdn.me Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
tag.segmetrics.io Amazon	`2020-12-15` - `2022-01-13`	a year	crt.sh
manychat.com COMODO RSA Domain Validation Secure Server CA	`2018-02-06` - `2021-05-05`	3 years	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh
c.msn.com Microsoft RSA TLS CA 02	`2021-02-03` - `2022-02-03`	a year	crt.sh
track.segmetrics.io R3	`2021-04-11` - `2021-07-10`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.oribi.io Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Frame ID: 163C6F9851A059280F66815CAEC26418
Requests: 104 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=2e214ea3-e15d-41de-aae3-07bb3ea28d3a
Frame ID: 61AD7458A6FF01A65B54D5315ED8E09C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: C0C54D853085DA11711595E06AEF5680
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

ClickFunnels () Expand

Overall confidence: 100%
Detected patterns

env /Clickfunnels/i

Page Statistics

109
Requests

100 %
HTTPS

62 %
IPv6

31
Domains

39
Subdomains

39
IPs

4
Countries

1266 kB
Transfer

4217 kB
Size

45
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=4360C6C5DA174001AFE8A36D99FFD3DC&RedC=c.clarity.ms&MXFR=2E3E4C09E39D6CA71A155C12E79D6257 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=4360C6C5DA174001AFE8A36D99FFD3DC&MUID=362FB9FEF1D966523900A9E5F0B26726

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request start Show response
www.amzdfy.com/ 105 KB
16 KB 486ms
447ms Document
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

9195991596f8acb60df9e42982a0962a5f3d71cd75aa313d64f2638bc217f5e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: www.amzdfy.com
:scheme: https
:path: /start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:16 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; expires=Sun, 16-May-21 00:13:16 GMT; path=/; domain=.www.amzdfy.com; HttpOnly; SameSite=Lax __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd; path=/; expires=Fri, 16-Apr-21 00:43:16 GMT; domain=.www.amzdfy.com; HttpOnly; Secure; SameSite=None
cf-ray: 640934f20e514dd0-FRA
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-request-id: 09799f6b4b00004dd006817000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: bcf2e770ccd60748962a48ab9c914832
x-runtime: 0.292632
server: cloudflare
content-encoding: br

GET
H2 200 lander.css
www.amzdfy.com/assets/ 425 KB
65 KB 36ms
34ms Stylesheet
text/css 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amzdfy.com/assets/lander.css

Requested by

Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9204c6be951f768be3956b8caba9e0e1e4ffbea1e1fc1735ef73f6cfc4e0612

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/lander.css
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 741
cf-request-id: 09799f6d1700004dd02a937000000001
last-modified: Thu, 15 Apr 2021 21:05:12 GMT
server: cloudflare
etag: W/"6078aa88-6a4e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 640934f4f9324dd0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 16 Apr 2021 00:33:16 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
14 KB 19ms
18ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:16 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 20:35:33 GMT
server: NetDNA-cache/2.2
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 21ms
19ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:16 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 20:35:35 GMT
server: NetDNA-cache/2.2
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fd89d19383dc52535875138f8cd475a44299c4070a3a35fe7572fbdfc05646d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 23:17:01 GMT
server: ESF
date: Fri, 16 Apr 2021 00:13:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 00:13:16 GMT

GET
H2 200 application.js Show response
www.amzdfy.com/assets/userevents/ 5 KB
2 KB 31ms
30ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amzdfy.com/assets/userevents/application.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/userevents/application.js
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 738
cf-request-id: 09799f6d1800004dd01f97f000000001
last-modified: Thu, 15 Apr 2021 21:05:12 GMT
server: cloudflare
etag: W/"6078aa88-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 640934f4f9334dd0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 16 Apr 2021 00:33:16 GMT

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ 47 KB
14 KB 21ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1834453
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13696
cf-request-id: 09799f6d140000c2f477914000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-bb47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LONcRw3lsCY4KBjLO9MmFMTYO7EzdfPLsn6kW5Z0eRhyAvY5bSqEzkDQ%2FeGLqGbDi9eEpuoyzYaoUjC4Z2quFFVwfQYUBYAVutv2TnIMtlLLVg7zKAuBhNQRMnrlj4jtgQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 640934f4ea71c2f4-FRA
expires: Wed, 06 Apr 2022 00:13:16 GMT

GET
H2 200 512738342454453.js Show response
widget.manychat.com/ 14 KB
4 KB 72ms
23ms Script
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.manychat.com/512738342454453.js
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.17.8.2 /
Resource Hash: 4ae4799f983b9501a35fa3f88d0a52adc5edd7ef3fda4d0dd6611cdfbc0c459a

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
cache-control: no-store
server: openresty/1.17.8.2
content-encoding: gzip
content-type: text/plain; charset=utf-8

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 39ms
37ms Image
image/webp 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 707397
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
cf-request-id: 09799f6d500000063128378000000001
last-modified: Wed, 07 Apr 2021 16:29:02 GMT
server: cloudflare
etag: "606dddce-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 17 May 2021 00:13:17 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 640934f54dc50631-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri,csam-hash

GET
H3-29 200 css
fonts.googleapis.com/ 10 KB
992 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Helvetica+Neue+Helvetica+Arial+sans-serif%7CSource+Sans+Pro%7COpen+Sans%7COswald%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CRaleway%7CArimo%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7C%7C

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d176e03d4f72799aec48021601e6475e9ac7f10b2e5aba614d22fcedc79e4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 00:13:16 GMT
server: ESF
date: Fri, 16 Apr 2021 00:13:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 00:13:16 GMT

GET
H2 200 rsz_2dwy-black.png
www.amzdfy.com/hosted/images/0a/59e071bc7e4eb2a7c62b2e6c5d6842/ 7 KB
7 KB 29ms
27ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amzdfy.com/hosted/images/0a/59e071bc7e4eb2a7c62b2e6c5d6842/rsz_2dwy-black.png
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f05abf83e0d046e74915fa907786efd90826e25f086bae563ab0a972b334907

Request headers

:path: /hosted/images/0a/59e071bc7e4eb2a7c62b2e6c5d6842/rsz_2dwy-black.png
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
cf-cache-status: HIT
age: 2347
cf-polished: origSize=7377
content-length: 7229
cf-request-id: 09799f6d5000004dd0ec9c8000000001
last-modified: Sat, 14 Nov 2020 12:50:47 GMT
server: cloudflare
etag: "9d0eccd7184a8b1b6b564f73b450032f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 640934f549834dd0-FRA
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 lander.js Show response
www.amzdfy.com/assets/ 985 KB
274 KB 25ms
25ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amzdfy.com/assets/lander.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee3630396a683aceca39588bbb33dfcd1bdc231226cd2030219659810d12ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/lander.js
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 741
cf-request-id: 09799f6d3e00004dd043021000000001
last-modified: Thu, 15 Apr 2021 21:05:12 GMT
server: cloudflare
etag: W/"6078aa88-f636e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 640934f5296b4dd0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 16 Apr 2021 00:33:17 GMT

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
1 KB 40ms
39ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3665
cf-request-id: 09799f6d510000063112bfd000000001
last-modified: Thu, 15 Apr 2021 21:05:12 GMT
server: cloudflare
etag: W/"6078aa88-a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 640934f54dc60631-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
718 B 52ms
51ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 249
cf-request-id: 09799f6d5100000631d52d7000000001
last-modified: Thu, 15 Apr 2021 21:05:11 GMT
server: cloudflare
etag: W/"6078aa87-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 640934f54dc70631-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 16 Apr 2021 00:33:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 485 KB
83 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f236afb1cc457f51bb87588e33c4f4c552f8152c03cb0835419b406e55af1b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85334
x-xss-protection: 0
expires: Fri, 16 Apr 2021 00:13:17 GMT

GET
H2 200 oribi.js Show response
cdn.oribi.io/Xzc5MTIwOTQ5NQ/ 108 KB
35 KB 499ms
468ms Script
application/javascript 2600:9000:20e8:5e00:13:c079:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oribi.io/Xzc5MTIwOTQ5NQ/oribi.js
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:5e00:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a00423c01a7ee6d971a6b648d529ae72a6b00131c808b4d28ea4a0d0a1eb1de6

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
via: 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=60
content-encoding: gzip
x-amz-cf-id: R7muTz5TWTqHVamKs96mgOcQQLc22Tho7FGQArld7hWoUjeWeEHg5w==
x-application-context: application

GET
H2 200 grey-geo.webp
www.amzdfy.com/hosted/images/cb/708ed2b7524e8f8e341438229bf243/ 3 KB
4 KB 31ms
31ms Image
image/webp 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amzdfy.com/hosted/images/cb/708ed2b7524e8f8e341438229bf243/grey-geo.webp
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe60918db14e0c8d35a6d3734082e9e2e81fcb1816d7011a03db75d2bb091b1

Request headers

:path: /hosted/images/cb/708ed2b7524e8f8e341438229bf243/grey-geo.webp
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
cf-cache-status: HIT
age: 2345
content-length: 3560
cf-request-id: 09799f6d5700004dd02a939000000001
last-modified: Mon, 16 Mar 2020 18:49:22 GMT
server: cloudflare
etag: "ff0ce76ba8806ee3a33c3bd29da3d62f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 640934f559934dd0-FRA
cf-bgj: csam-hash

GET
H2 200 email2.png
www.amzdfy.com/images/ 264 B
779 B 54ms
54ms Image
image/webp 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amzdfy.com/images/email2.png

Requested by

Host: www.amzdfy.com
URL: https://www.amzdfy.com/assets/lander.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bb423d3e4ed0943dcfbb920651ea92fe3468e19d047ced423b8cd23f00f6c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /images/email2.png
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/assets/lander.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/assets/lander.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 1227374
cf-polished: origFmt=png, origSize=3200
content-disposition: inline; filename="email2.webp"
content-length: 264
cf-request-id: 09799f6d6800004dd04d20d000000001
last-modified: Tue, 30 Mar 2021 16:05:50 GMT
server: cloudflare
etag: "60634c5e-c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 17 May 2021 00:13:17 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 640934f579a84dd0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri,csam-hash

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.amzdfy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
age: 396579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.amzdfy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 396579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 24 KB
24 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.amzdfy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:19 GMT
server: sffe
age: 396579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24064
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 73 KB
73 KB 57ms
28ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

Origin: https://www.amzdfy.com
Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
last-modified: Tue, 04 Jun 2019 20:36:07 GMT
server: NetDNA-cache/2.2
etag: "7559b3774a0625e8ca6c0160f8f6cfd8"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74508

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.amzdfy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 79815
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H2 200 P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
fonts.gstatic.com/s/arimo/v17/ 10 KB
10 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Helvetica+Neue+Helvetica+Arial+sans-serif%7CSource+Sans+Pro%7COpen+Sans%7COswald%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CRaleway%7CArimo%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7C%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2e100dccf35fc8fbda8298d47d2719362a984ff46eebf871a878376224071df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.amzdfy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:11:50 GMT
server: sffe
age: 79815
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9976
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.amzdfy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 396579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.amzdfy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 396579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 vendor.js Show response
www.amzdfy.com/ 18 KB
5 KB 47ms
46ms Script
application/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amzdfy.com/vendor.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:path: /vendor.js
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 844
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
cf-request-id: 09799f6e5500004dd01a338000000001
x-request-id: f5e24ddb-cab6-4274-a130-a6cc350e94b4
x-runtime: 0.007490
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 640934f6eaff4dd0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: fresh

GET
H2 200 universal-script Show response
142331.tracking.hyros.com/v1/lst/ 11 KB
11 KB 320ms
99ms Script
text/plain 54.174.91.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://142331.tracking.hyros.com/v1/lst/universal-script?ph=5da86a128e5d7c901c843bdb0b8ecb3e5c815b31c127e10f825829f04bfdd703&tag=!tracking
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.91.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-91-45.compute-1.amazonaws.com
Software: Jetty(9.4.14.v20181114) /
Resource Hash: a9537411ee70a9a6108ccf946b3c29856686dbc389f4a7eb596523df4ba48d64

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
access-control-allow-credentials: true
server: Jetty(9.4.14.v20181114)
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/plain;charset=utf-8

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
463 B 167ms
166ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=aU1nQlk1SkFmSVI1UWswcm93alE3QT09LS16ZUdabDB6U2I2L2dSVWdLYlREN3RnPT0%3D--467ca7123edcfd990e2826689f699120bf3e31a0&page_id=NFNKUWpRTlVlaWM1WkF4SEF6UkdmQT09LS1CQWoramlyKzNzeWtFQnE4Y2tnMjNRPT0%3D--2f99090674af451a9de4b5185c4989f4f5b82710&funnel_step_id=bUx6UDNxVThTWmowUis0VkkwTTRzUT09LS1sQzNLRk9LcUlpZHlkL05xQlgzK3FnPT0%3D--b15db83250bdc48f100195386500f814b30a81d5&user_id=M24xeFEzMTUvNTRZaEVqQW52NFdXQT09LS1JZHRMU1VmNEcwTzJ2ZXczU0l4dkxnPT0%3D--17e39345cf9212ef2a376c4719966c66b2c2c30e&account_id=NGNyM2dEeitiSkxHa0pHbkY2cTB0dz09LS1KWHFUd1dnMDBXRWdlNmhPWFVPYW5BPT0%3D--401c5380d39077b07b51eace3a124b9933e4523b&page_code=NDc0ODIxODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=cpc&name=&source=google&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=5b207266-df80-4a8f-922b-4626570a1b8e&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB

Requested by

Host: www.amzdfy.com
URL: https://www.amzdfy.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
cf-request-id: 09799f6e5400004a6d7db71000000001
x-request-id: 6ec64ea6430e6347db654b97e3f4c6c1
x-runtime: 0.031446
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 640934f6e8754a6d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
783 B 187ms
186ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=aU1nQlk1SkFmSVI1UWswcm93alE3QT09LS16ZUdabDB6U2I2L2dSVWdLYlREN3RnPT0%3D--467ca7123edcfd990e2826689f699120bf3e31a0&page_id=NFNKUWpRTlVlaWM1WkF4SEF6UkdmQT09LS1CQWoramlyKzNzeWtFQnE4Y2tnMjNRPT0%3D--2f99090674af451a9de4b5185c4989f4f5b82710&funnel_step_id=bUx6UDNxVThTWmowUis0VkkwTTRzUT09LS1sQzNLRk9LcUlpZHlkL05xQlgzK3FnPT0%3D--b15db83250bdc48f100195386500f814b30a81d5&user_id=M24xeFEzMTUvNTRZaEVqQW52NFdXQT09LS1JZHRMU1VmNEcwTzJ2ZXczU0l4dkxnPT0%3D--17e39345cf9212ef2a376c4719966c66b2c2c30e&account_id=NGNyM2dEeitiSkxHa0pHbkY2cTB0dz09LS1KWHFUd1dnMDBXRWdlNmhPWFVPYW5BPT0%3D--401c5380d39077b07b51eace3a124b9933e4523b&page_code=NDc0ODIxODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=cpc&name=&source=google&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=07d05aa9-e85b-4b70-bb6e-c44adafe41f9&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB

Requested by

Host: www.amzdfy.com
URL: https://www.amzdfy.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
cf-request-id: 09799f6e5500004a6d80aa3000000001
x-request-id: 7c196b6847530f58f281dc2b679df92d
x-runtime: 0.026034
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 640934f6e8784a6d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
333 B 166ms
166ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=aU1nQlk1SkFmSVI1UWswcm93alE3QT09LS16ZUdabDB6U2I2L2dSVWdLYlREN3RnPT0%3D--467ca7123edcfd990e2826689f699120bf3e31a0&page_id=NFNKUWpRTlVlaWM1WkF4SEF6UkdmQT09LS1CQWoramlyKzNzeWtFQnE4Y2tnMjNRPT0%3D--2f99090674af451a9de4b5185c4989f4f5b82710&funnel_step_id=bUx6UDNxVThTWmowUis0VkkwTTRzUT09LS1sQzNLRk9LcUlpZHlkL05xQlgzK3FnPT0%3D--b15db83250bdc48f100195386500f814b30a81d5&user_id=M24xeFEzMTUvNTRZaEVqQW52NFdXQT09LS1JZHRMU1VmNEcwTzJ2ZXczU0l4dkxnPT0%3D--17e39345cf9212ef2a376c4719966c66b2c2c30e&account_id=NGNyM2dEeitiSkxHa0pHbkY2cTB0dz09LS1KWHFUd1dnMDBXRWdlNmhPWFVPYW5BPT0%3D--401c5380d39077b07b51eace3a124b9933e4523b&page_code=NDc0ODIxODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=cpc&name=&source=google&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=2fcc4ded-a6c5-475e-b3b0-8ea1b2b84c84&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB

Requested by

Host: www.amzdfy.com
URL: https://www.amzdfy.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
cf-request-id: 09799f6e5500004a6dc636a000000001
x-request-id: a0953dddabe08cbc40bae31028bcb812
x-runtime: 0.036801
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 640934f6e87a4a6d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H/1.1 200
OK /
track.addevent.com/atc/ 0
0 95ms
32ms Image
text/html 18.200.87.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=5b725086-8c6c-4b6a-4668-e29a614c1df0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&cache=1618531997305
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.87.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-87-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, X-Access-Token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS

GET
H2 200 widget.js Show response
mccdn.me/assets/js/ 384 KB
87 KB 42ms
27ms Script
application/javascript 2606:4700:20::681a:f87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mccdn.me/assets/js/widget.js
Requested by: Host: widget.manychat.com
URL: https://widget.manychat.com/512738342454453.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51c628edea8a472eed700e7073967ddae61c6254400d87432f3d7a03a1b4845

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 13:16:38 GMT
server: cloudflare
age: 2405
etag: W/"60783cb6-600e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RrzaTeRlMHS1E7mIudstAKI%2FVbs1MqiJYoMM6CrWhN9Z7WTtgHseh9V2588A6nF%2BEGW1KJzsiXW%2FFUzvpIiNLITXHHqQ0rP6frOeqfHC12EPSS34jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7200
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 640934f759a44a56-FRA
cf-request-id: 09799f6e9500004a5607ad6000000001

POST
H2 200 landing
www.google.com/pagead/ 42 B
108 B 29ms
27ms Ping
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/pagead/landing?gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&gtm=2wg472PFR4VT3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
47 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQCFK9ZPHY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

627cc3265b1b27d7a784de9ca62e2d4f8bf577a5f54ef917177d05d7acf2dbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48588
x-xss-protection: 0
expires: Fri, 16 Apr 2021 00:13:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1188
date: Thu, 15 Apr 2021 23:53:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 16 Apr 2021 01:53:29 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 29 KB
9 KB 28ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref: Ref A: AE5D65D77A244C19B165E45927635783 Ref B: FRAEDGE1408 Ref C: 2021-04-16T00:13:17Z
etag: "0c77652ec27d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8885

GET
H2 200 scevent.min.js Show response
sc-static.net/ 14 KB
6 KB 140ms
66ms Script
application/javascript 99.84.156.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-18.txl52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: TXL52-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5720
via: 1.1 458f29e42261f01e7368474593f44b66.cloudfront.net (CloudFront)
x-amz-cf-id: JWRpxpoYY1T4f3bCH7d0iQJ4o_F0nwPLdRrLvJLl1mpH4TbAzsepug==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 54ms
54ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 00:13:17 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 81ms
29ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 84110
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1618531997.448538,VS0,VE0
x-served-by: cache-hhn11541-HHN

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
826 B 117ms
101ms Script
application/javascript 2a02:26f0:6c00:2a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b0a826fa53a52c446352d13c02654eff897691e910dbf3a3d79b44757fd37fea

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "c6fbf499a6a1afdef9597a0d274bdd3f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: bce2757-2.16.186.143
accept-ranges: bytes
content-length: 578
access-control-expose-headers: X-CDN

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 20 KB
7 KB 78ms
29ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR4VT3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 01 Apr 2021 21:20:31 GMT
server: snooserv
etag: "f130bbfe131c22854e51f461d761041d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 6670

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23960
x-fb-rlafr: 0
pragma: public
x-fb-debug: UrCWjoC+yACspNR2s/K5zsBn3HNcjKn63zbPv/EX8wJPmz37sFm00WVhT2DTdEddIVv2qaIHR74k4Pqw2LnmKQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 16 Apr 2021 00:13:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3vk7u9isgr Show response
www.clarity.ms/tag/ 445 B
834 B 120ms
100ms Script
application/x-javascript 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3vk7u9isgr
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 286b38b7d75184cacbc49451f6f47bf9a3e300d33d18c02a2283502255785fbe

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0ndZ4YAAAAAA/QCaVgsmCS5DH0vx0uq0sRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1

GET
H2 200 a1vWm4.js Show response
tag.segmetrics.io/ 13 KB
14 KB 118ms
29ms Script
text/x-c 13.32.25.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.segmetrics.io/a1vWm4.js
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9941e4302952ab747f9fddea25a88e774b6fe961de75fad74f8b10cda1ab0356

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:25:18 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 01:24:14 GMT
server: AmazonS3
age: 82080
etag: "c8dc47f44412d057e63128cb801ceeb1"
x-cache: Hit from cloudfront
content-type: text/x-c
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 13819
x-amz-cf-id: ShTGawFcaACQXceB7UlmCNLKqt-9zCTaKuWwG9uOuloPhyhi6SmSag==

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 625
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 16 Apr 2021 01:02:52 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 16 Apr 2021 01:00:57 GMT

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: e/yyGSihYHUkb30bD6vMGPa0fp2FZOdTNYaZFQNEzxqQJ4Cx+kAdyovlV4CBzAyHBqYWlYf0VGgWTqfi2blaMw==
x-frame-options: DENY
date: Fri, 16 Apr 2021 00:13:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 2654299994804370 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2654299994804370?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b5f6a267c040f530d99b76b8179f484f419254dfd88002a024744589bd82c14c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: LHF8zHknYaYujMnHOGTv/tHOuyyoaPGcnOsyth67JrdxO6mhx/epPeeW9DsGDvzP/Yx4K1OgWsONv21ExD3TlQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Fri, 16 Apr 2021 00:13:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 71ms
23ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.amzdfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.17.8.2
date: Fri, 16 Apr 2021 00:13:17 GMT
access-control-allow-origin: https://www.amzdfy.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

GET
H3-29 200 css
fonts.googleapis.com/ 1 KB
394 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:600,500,400,300

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

257dd6cd74a3c887e83a1f454cb446ffb19d25882760a47f886f3e01f42987fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 22:46:23 GMT
server: ESF
date: Fri, 16 Apr 2021 00:13:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 00:13:17 GMT

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 23ms
23ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.17.8.2 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
server: openresty/1.17.8.2
content-type: application/json

POST
H2 204 collect
analytics.google.com/g/ 0
193 B 27ms
25ms Ping
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DQCFK9ZPHY&gtm=2oe472&_p=817947153&sr=1600x1200&_gaz=1&ul=en-us&cid=1546604296.1618531997&_s=1&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sid=1618531997&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.page_path=www.amzdfy.com%2Fstart
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQCFK9ZPHY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
74 B 17ms
17ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQCFK9ZPHY&cid=1546604296.1618531997&gtm=2oe472&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQCFK9ZPHY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQCFK9ZPHY&cid=1546604296.1618531997&gtm=2oe472&aip=1&z=779286562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25017824&tm=gtm001&Ver=2&mid=710081d2-bb05-4b8b-b22a-a2884fa278f3&sid=8b311fc09e4811ebb37fadf64dcb9f0e&vid=8b3226609e4811ebae14816ae51f0d34&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&kw=Kevin%20David,%20Marketer%20Agency%20Program,%20MAP&p=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&r=&lt=862&evt=pageLoad&msclkid=N&sv=1&rn=441250
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D7988017A8464A27B5C973CDFA5DED66 Ref B: FRAEDGE1408 Ref C: 2021-04-16T00:13:17Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 42ms
18ms XHR
text/plain 2a00:1450:400c:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-68790304-2&cid=1546604296.1618531997&jid=476895355&gjid=1784888220&_gid=1678267743.1618531997&_u=6GBAgEArAAAAgE~&z=254041842

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 00:13:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 31ms
19ms XHR
text/plain 2a00:1450:400c:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-68790304-13&cid=1546604296.1618531997&jid=457066047&gjid=1491092881&_gid=1678267743.1618531997&_u=6GDAiEArBAAAgE~&z=1354485286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 00:13:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 26ms
26ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=817947153&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ul=en-us&de=UTF-8&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Script%20Error&ea=Script%20error.&el=0&_u=6GDACEArBAAAgG~&jid=156372308&gjid=619478972&cid=1546604296.1618531997&tid=UA-68790304-2&_gid=1678267743.1618531997&_r=1&gtm=2wg472PFR4VT3&z=112660908

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=817947153&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ul=en-us&de=UTF-8&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAgEArAAAAg~&jid=476895355&gjid=1784888220&cid=1546604296.1618531997&tid=UA-68790304-2&_gid=1678267743.1618531997&gtm=2wg472PFR4VT3&z=718920266

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=817947153&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ul=en-us&de=UTF-8&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAiEArBAAAgE~&jid=457066047&gjid=1491092881&cid=1546604296.1618531997&tid=UA-68790304-13&_gid=1678267743.1618531997&gtm=2wg472PFR4VT3&z=313765302

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 178ms
129ms Image
image/gif 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1618531997575&id=t2_1u8cpuv0&event=PageVisit&uuid=cce6e84e-c632-4f3d-9432-bc550b8afb71&aaid=&em=&idfa=&opt_out=0&sh=1600&sw=1200&s=xiUAVz5eB3LyKJGfuu1AvtUw1vpRJVuXlGTLC2ZwSvg%3D
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/940101871/ 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940101871/?random=1618531997579&cv=9&fst=1618531997579&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c9c43644ae5f8f72d518a39e4d63cb08f77579cd676a634b5fa6960ae1dfcda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/751276644/ 3 KB
1 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/751276644/?random=1618531997582&cv=9&fst=1618531997582&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7007d8f0a310fa1bcf385532ebb81cb3468e1394f3a93c110ede353b818013e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1242
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/751260059/ 3 KB
1 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/751260059/?random=1618531997583&cv=9&fst=1618531997583&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9df6b8e1666b9f3b395e9dbb2db7211d5e0767c4499422da578d868c5f15aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1242
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/710384480/ 3 KB
1 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/710384480/?random=1618531997584&cv=9&fst=1618531997584&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6afbca921f1feab9fa04944b9e0fd4d1f4abb5a9f0528d6bf32bf4e70adc678e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1242
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.dec9de31.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 102ms
102ms Script
application/javascript 2a02:26f0:6c00:2a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.dec9de31.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 850420a74b035447dcf888c73803e7588d07aa16c80c3ee326c7c575186bd001

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "534cdacf4ffd94bf57ac75057dd94604"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: bce278e-2.16.186.143
accept-ranges: bytes
content-length: 17139
access-control-expose-headers: X-CDN

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.12/ 46 KB
20 KB 102ms
102ms Script
application/javascript 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.12/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3vk7u9isgr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 456567424b09db1a6109143c9b68e0ca6c5281aa0048c4573840a23715789e57

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: br
etag: "1d72f24d59e7f35"
last-modified: Sun, 11 Apr 2021 22:48:48 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0ndZ4YAAAAACezO896I+cSYHeOOoYeg3DRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=4360C6C5DA174001AFE8A36D99FFD3DC&RedC=c.clarity.ms&MXFR=2E3E4C09E39D6CA71A155C12E79D6257
https://c.clarity.ms/c.gif?CtsSyncId=4360C6C5DA174001AFE8A36D99FFD3DC&MUID=362FB9FEF1D966523900A9E5F0B26726

42 B
356 B

47ms
47ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=4360C6C5DA174001AFE8A36D99FFD3DC&MUID=362FB9FEF1D966523900A9E5F0B26726
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "506f5bd17ad71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-msedge-ref: Ref A: 1897DA802E9D4FECA517E9B32E5E1EC5 Ref B: FRAEDGE1408 Ref C: 2021-04-16T00:13:17Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=4360C6C5DA174001AFE8A36D99FFD3DC&MUID=362FB9FEF1D966523900A9E5F0B26726
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 collect
track.segmetrics.io/ 43 B
244 B 274ms
88ms Ping
image/gif 2604:a880:800:10::1b49:d001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://track.segmetrics.io/collect?t=view&r=&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&v=2&a=a1vWm4&i=5384&uid=5055f18f79379274478814383bb9a761
Requested by: Host: tag.segmetrics.io
URL: https://tag.segmetrics.io/a1vWm4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2604:a880:800:10::1b49:d001 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
cache-control: no-cache
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.10.3 (Ubuntu)
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 197ms
139ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o52k2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Fri, 16 Apr 2021 00:13:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0237719a260188430ca4f9e94cf3abb2
x-transaction: 00060ee8005c4738
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-68790304-2&cid=1546604296.1618531997&jid=156372308&gjid=619478972&_gid=1678267743.1618531997&_u=6GDACEArBAAAgG~&z=636664080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 00:13:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-68790304-2&cid=1546604296.1618531997&jid=476895355&_u=6GBAgEArAAAAgE~&z=192634844

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-68790304-2&cid=1546604296.1618531997&jid=476895355&_u=6GBAgEArAAAAgE~&z=192634844

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 520583908599552 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 111ms
111ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/520583908599552?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e49bc275a3a7487ae7629980e1db49073bd7ed7c8ade4986f3ca4fbd78d20948

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: vnuZ4rp9R5KoCbycx+ylYPLxzGJHYL2Jxp06cmUM8NmGbbvHs76kzErMTMQuzHEOZSiwFxZ5tFRkeKzTFJqyXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Fri, 16 Apr 2021 00:13:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 61AD 0
203 B 57ms
25ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=2e214ea3-e15d-41de-aae3-07bb3ea28d3a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=2e214ea3-e15d-41de-aae3-07bb3ea28d3a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amzdfy.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.amzdfy.com/

Response headers

server: nginx/1.17.3
date: Fri, 16 Apr 2021 00:13:17 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-68790304-2&cid=1546604296.1618531997&jid=156372308&_u=6GDACEArBAAAgG~&z=1997292779

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-68790304-2&cid=1546604296.1618531997&jid=156372308&_u=6GDACEArBAAAgG~&z=1997292779

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame C0C5 0
208 B 54ms
30ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 496
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.amzdfy.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amzdfy.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.amzdfy.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.amzdfy.com/

Response headers

server: nginx/1.17.3
date: Fri, 16 Apr 2021 00:13:17 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIOJXjGUckTMHw3xLVuo4KfZecVSlh/YTFpt1MtM+A+Gwjwkd/BMUJ4zIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/940101871/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/940101871/?random=1618531997579&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=105691564&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/940101871/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/940101871/?random=1618531997579&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=105691564&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 event Show response
gw.oribi.io/ 0
406 B 540ms
178ms XHR
text/plain 52.42.132.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: cdn.oribi.io
URL: https://cdn.oribi.io/Xzc5MTIwOTQ5NQ/oribi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.132.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-132-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.amzdfy.com
date: Fri, 16 Apr 2021 00:13:18 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
x-application-context: application
content-type: text/plain

GET
H2 200 gusid Show response
142331.tracking.hyros.com/v1/lst/ 0
458 B 108ms
107ms XHR
text/plain 54.174.91.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://142331.tracking.hyros.com/v1/lst/gusid
Requested by: Host: 142331.tracking.hyros.com
URL: https://142331.tracking.hyros.com/v1/lst/universal-script?ph=5da86a128e5d7c901c843bdb0b8ecb3e5c815b31c127e10f825829f04bfdd703&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.91.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-91-45.compute-1.amazonaws.com
Software: Jetty(9.4.14.v20181114) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.amzdfy.com/
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Fri, 16 Apr 2021 00:13:18 GMT
session-id: HB-ET_cd8c56a645a101a2548f5d16dcbb2de97100125bd88f1d5b1ecede511c1560aa
etag: HB-ET_cd8c56a645a101a2548f5d16dcbb2de97100125bd88f1d5b1ecede511c1560aa
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.amzdfy.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0
server: Jetty(9.4.14.v20181114)

OPTIONS
H2 200 gusid
142331.tracking.hyros.com/v1/lst/ Frame 0
0 297ms
99ms Preflight
application/vnd.sun.wadl+xml 54.174.91.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://142331.tracking.hyros.com/v1/lst/gusid
Protocol: H2
Server: 54.174.91.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-91-45.compute-1.amazonaws.com
Software: Jetty(9.4.14.v20181114) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Origin: https://www.amzdfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 1322
access-control-allow-origin: https://www.amzdfy.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Fri, 16 Apr 2021 00:13:17 UTC
server: Jetty(9.4.14.v20181114)

GET
H2 200 / Show response
ct.pinterest.com/user/ 57 B
448 B 100ms
49ms XHR
application/json 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612949802837&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1618531997692
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.dec9de31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 416f8f0495ba92daeea67e5485a162ca8062ffd1c0d276cb8a26e4537aecb520

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.amzdfy.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU4yUmlPVEEwWldFdFpUaG1aQzAwT0RFMExUaGpaREV0T1RGalpqVXpZekExTm1WbQ
x-pinterest-rid: 4084832344474232
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 69
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 101ms
51ms Image
image/gif 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612949802837&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22dec9de31%22%7D&cb=1618531997693
Requested by: Host: www.amzdfy.com
URL: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 5125677930023951
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/751276644/ 42 B
64 B 39ms
35ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/751276644/?random=1618531997582&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=3327798915&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/751276644/ 42 B
64 B 36ms
33ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/751276644/?random=1618531997582&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=3327798915&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/710384480/ 42 B
64 B 37ms
34ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/710384480/?random=1618531997584&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=3765212689&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/710384480/ 42 B
64 B 35ms
32ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/710384480/?random=1618531997584&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=3765212689&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/751260059/ 42 B
64 B 37ms
35ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/751260059/?random=1618531997583&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=674905882&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/751260059/ 42 B
64 B 36ms
33ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/751260059/?random=1618531997583&cv=9&fst=1618531200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&tiba=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&async=1&fmt=3&is_vtc=1&random=674905882&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 2020549668078635 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 74ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2020549668078635?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ceefa5ae0dfd53fb6e488ddb9cbc4798d746f06e06cdd105be6b4211204dadf2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: bfE9oy6rar4Kej7FXCWINOPmqAWXz7v9ctdz0w3KzzYCbNSnaOIl6JsmfR6BBmw4Vq9LAIUPNACJrFRt/maXHA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Fri, 16 Apr 2021 00:13:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2654299994804370&ev=PageView&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&rl=&if=false&ts=1618531997865&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=29&fbp=fb.1.1618531997864.2070995746&it=1618531997432&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Apr 2021 00:13:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=520583908599552&ev=PageView&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&rl=&if=false&ts=1618531997868&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=29&fbp=fb.1.1618531997864.2070995746&it=1618531997432&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Apr 2021 00:13:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2020549668078635&ev=PageView&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&rl=&if=false&ts=1618531997869&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=29&fbp=fb.1.1618531997864.2070995746&it=1618531997432&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Apr 2021 00:13:17 GMT

POST
H2 202 event Show response
gw.oribi.io/ 0
406 B 316ms
179ms XHR
text/plain 52.42.132.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: cdn.oribi.io
URL: https://cdn.oribi.io/Xzc5MTIwOTQ5NQ/oribi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.132.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-132-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.amzdfy.com
date: Fri, 16 Apr 2021 00:13:18 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
x-application-context: application
content-type: text/plain

POST
H2 202 event Show response
gw.oribi.io/ 0
408 B 303ms
178ms XHR
text/plain 52.42.132.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: cdn.oribi.io
URL: https://cdn.oribi.io/Xzc5MTIwOTQ5NQ/oribi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.132.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-132-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.amzdfy.com
date: Fri, 16 Apr 2021 00:13:18 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
x-application-context: application
content-type: text/plain

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=817947153&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ul=en-us&de=UTF-8&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Script%20Error&ea=Uncaught%20TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&el=121https%3A%2F%2Fwww.amzdfy.com%2Fassets%2Flander.js&_u=6HDACEArBAAAgG~&jid=&gjid=&cid=1546604296.1618531997&tid=UA-68790304-2&_gid=1678267743.1618531997&gtm=2wg472PFR4VT3&z=1178040658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 background.png Show response
www.amzdfy.com/images/ 118 B
331 B 172ms
172ms XHR
text/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amzdfy.com/images/background.png?_unique=0.9875845066701443&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.amzdfy.com/start%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&_title=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&_key=6a2w03fb&_page_key=ubivvcpi4u57yv3q&_fid=8647135&_fspos=1&_fvrs=89&_funnel_stat=1&_location=https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&_referrer=

Requested by

Host: www.amzdfy.com
URL: https://www.amzdfy.com/vendor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

a4a1b24546c18a31f86adf221b492c318d870bd950f0ed10e4e881c37749e08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:path: /images/background.png?_unique=0.9875845066701443&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.amzdfy.com/start%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&_title=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&_key=6a2w03fb&_page_key=ubivvcpi4u57yv3q&_fid=8647135&_fspos=1&_fvrs=89&_funnel_stat=1&_location=https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&_referrer=
pragma: no-cache
cookie: __cfduid=d24e35f3b76eab23dbc7c3ed17f0537361618531996; __cf_bm=f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:name=; cf:term=; cf:source=google; cf:medium=cpc; cf:NDc0ODIxODA=:visited=true; cf:visitor_id=3b0ce12d-0485-4379-bcbe-44ca369219dc; utm_source=google; utm_medium=cpc; utm_campaign=BABH - RMKT - Who Did Not Optin - Tier 1 - TG; gc_id=10707969765; gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB; addevent_track_cookie=5b725086-8c6c-4b6a-4668-e29a614c1df0; _gcl_aw=GCL.1618531997.Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB; _gcl_au=1.1.390577299.1618531997; __utmzz=utmcsr=google|utmcmd=cpc|utmccn=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG|utmgclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB; __utmzzses=1; _gid=GA1.2.1678267743.1618531997; _ga_DQCFK9ZPHY=GS1.1.1618531997.1.0.1618531997.60; _uetsid=8b311fc09e4811ebb37fadf64dcb9f0e; _uetvid=8b3226609e4811ebae14816ae51f0d34; _dc_gtm_UA-68790304-2=1; _ga=GA1.2.1546604296.1618531997; _gac_UA-68790304-13=1.1618531998.Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB; _dc_gtm_UA-68790304-13=1; _gac_UA-68790304-2=1.1618531998.Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB; _gat_UA-68790304-2=1; _rdt_uuid=1618531997575.cce6e84e-c632-4f3d-9432-bc550b8afb71; _seg_uid_5384=5055f18f79379274478814383bb9a761; _seg_uid=5055f18f79379274478814383bb9a761; _seg_visitor_5384={"utm_source":"google","utm_medium":"cpc","utm_campaign":"BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG","referrer":null}; _scid=5dfbb28d-afee-4dad-a043-4b7e004a7a19; oribi_user_guid=6ee295a6-b343-30ff-cda3-1ab01b5db899; oribi_session=e758c1d7-90ea-adcb-faa0-b39bfb42582a; _clck=6by6hj; _pin_unauth=dWlkPU4yUmlPVEEwWldFdFpUaG1aQzAwT0RFMExUaGpaREV0T1RGalpqVXpZekExTm1WbQ; _fbp=fb.1.1618531997864.2070995746
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.amzdfy.com
referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amzdfy.com/start?utm_source=google&utm_medium=cpc&utm_campaign=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG&gc_id=10707969765&gclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:13:18 GMT
access-control-request-method: *
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 09799f70db00004dd0fc9e2000000001
x-request-id: 1c3e1c4ef92ea3385048ae232ee449f5
x-runtime: 0.027030
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
cf-ray: 640934faf8be4dd0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 0
0 182ms
134ms Script
text/html 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o52k2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
Requested by: Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pc Show response
142331.tracking.hyros.com/v1/lst/ 0
642 B 108ms
108ms XHR
text/plain 54.174.91.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://142331.tracking.hyros.com/v1/lst/pc?gc_id=10707969765&g_cl_id=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ref_url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36
Requested by: Host: 142331.tracking.hyros.com
URL: https://142331.tracking.hyros.com/v1/lst/universal-script?ph=5da86a128e5d7c901c843bdb0b8ecb3e5c815b31c127e10f825829f04bfdd703&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.91.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-91-45.compute-1.amazonaws.com
Software: Jetty(9.4.14.v20181114) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.amzdfy.com/
Session-ID: HB-ET_cd8c56a645a101a2548f5d16dcbb2de97100125bd88f1d5b1ecede511c1560aa
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Fri, 16 Apr 2021 00:13:18 GMT
session-id: HB-ET_cd8c56a645a101a2548f5d16dcbb2de97100125bd88f1d5b1ecede511c1560aa
etag: HB-ET_cd8c56a645a101a2548f5d16dcbb2de97100125bd88f1d5b1ecede511c1560aa
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.amzdfy.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0
server: Jetty(9.4.14.v20181114)

OPTIONS
H2 200 pc
142331.tracking.hyros.com/v1/lst/ Frame 0
0 99ms
99ms Preflight
application/vnd.sun.wadl+xml 54.174.91.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://142331.tracking.hyros.com/v1/lst/pc?gc_id=10707969765&g_cl_id=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ref_url=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36
Protocol: H2
Server: 54.174.91.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-91-45.compute-1.amazonaws.com
Software: Jetty(9.4.14.v20181114) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,session-id
Origin: https://www.amzdfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 16 Apr 2021 00:13:18 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 2148
access-control-allow-origin: https://www.amzdfy.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,session-id
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Fri, 16 Apr 2021 00:13:18 UTC
server: Jetty(9.4.14.v20181114)

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=817947153&t=adtiming&_s=2&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ul=en-us&de=UTF-8&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1436&pdt=3&dns=23&rrt=0&srt=447&tcp=16&dit=811&clt=811&_gst=924&_gbt=967&_cst=558&_cbt=882&_u=6HDAiEArBAAAgG~&jid=&gjid=&cid=1546604296.1618531997&tid=UA-68790304-2&_gid=1678267743.1618531997&gtm=2wg472PFR4VT3&z=1089563518

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50980
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=817947153&t=adtiming&_s=2&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&ul=en-us&de=UTF-8&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1436&pdt=3&dns=23&rrt=0&srt=447&tcp=16&dit=811&clt=811&_gst=924&_gbt=967&_cst=558&_cbt=882&_u=6HDAiEArBAAAgG~&jid=&gjid=&cid=1546604296.1618531997&tid=UA-68790304-13&_gid=1678267743.1618531997&gtm=2wg472PFR4VT3&z=498285145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50980
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
206 B 101ms
101ms XHR
text/plain 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.12/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Apr 2021 00:13:20 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
access-control-allow-credentials: true
x-azure-ref: 0oNZ4YAAAAACmam+Y1DmqQ4nbdBTDjV9QRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 26ms
26ms Ping
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DQCFK9ZPHY&gtm=2oe472&_p=817947153&sr=1600x1200&ul=en-us&cid=1546604296.1618531997&_s=2&dl=https%3A%2F%2Fwww.amzdfy.com%2Fstart%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3DBABH%2520-%2520RMKT%2520-%2520Who%2520Did%2520Not%2520Optin%2520-%2520Tier%25201%2520-%2520TG%26gc_id%3D10707969765%26gclid%3DCj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB&dt=Amazon%20Done%20For%20You%20%7C%20Let%20us%20Build%20YOU%20a%20100%25%20Done-For-You%20Amazon%20Business!&sid=1618531997&sct=1&seg=0&en=scroll&_et=736&ep.debug_mode=false&ep.page_path=www.amzdfy.com%2Fstart&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQCFK9ZPHY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 00:13:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
152 B 113ms
102ms XHR
text/plain 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.12/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.amzdfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Apr 2021 00:13:23 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.amzdfy.com
access-control-allow-credentials: true
x-azure-ref: 0o9Z4YAAAAAC5sarLYtsVQrQjscEXhP6gRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

297 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amzdfy.com/	1970-01-20 02:21:07	Name: _pin_unauth Value: dWlkPU4yUmlPVEEwWldFdFpUaG1aQzAwT0RFMExUaGpaREV0T1RGalpqVXpZekExTm1WbQ
www.amzdfy.com/	1970-01-20 02:21:07	Name: _clck Value: 6by6hj
.amzdfy.com/	1970-01-20 02:21:07	Name: oribi_user_guid Value: 6ee295a6-b343-30ff-cda3-1ab01b5db899
.amzdfy.com/	1970-01-20 02:21:07	Name: _seg_uid Value: 5055f18f79379274478814383bb9a761
.amzdfy.com/	1970-01-20 02:21:07	Name: _seg_uid_5384 Value: 5055f18f79379274478814383bb9a761
.amzdfy.com/	1970-01-20 03:05:18	Name: _scid Value: 5dfbb28d-afee-4dad-a043-4b7e004a7a19
.amzdfy.com/	1970-01-19 19:45:07	Name: _gac_UA-68790304-2 Value: 1.1618531998.Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
.amzdfy.com/	1970-01-19 17:35:39	Name: _dc_gtm_UA-68790304-13 Value: 1
.amzdfy.com/	1970-01-19 17:35:32	Name: _gat_UA-68790304-2 Value: 1
.amzdfy.com/	1970-01-19 17:35:39	Name: _gac_UA-68790304-13 Value: 1.1618531998.Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
.amzdfy.com/	1970-01-19 17:35:32	Name: _dc_gtm_UA-68790304-2 Value: 1
.amzdfy.com/	1970-01-19 17:58:55	Name: _uetvid Value: 8b3226609e4811ebae14816ae51f0d34
.amzdfy.com/	1970-01-19 17:36:58	Name: _uetsid Value: 8b311fc09e4811ebb37fadf64dcb9f0e
.amzdfy.com/	1970-01-20 11:06:43	Name: _ga_DQCFK9ZPHY Value: GS1.1.1618531997.1.0.1618531997.60
www.amzdfy.com/	1969-12-31 23:59:59	Name: utm_campaign Value: BABH - RMKT - Who Did Not Optin - Tier 1 - TG
.amzdfy.com/	1970-01-19 21:54:43	Name: __utmzz Value: utmcsr=google\|utmcmd=cpc\|utmccn=BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG\|utmgclid=Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
.amzdfy.com/	1970-01-20 02:21:07	Name: _seg_visitor_5384 Value: {"utm_source":"google","utm_medium":"cpc","utm_campaign":"BABH%20-%20RMKT%20-%20Who%20Did%20Not%20Optin%20-%20Tier%201%20-%20TG","referrer":null}
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:affiliate_id Value:
www.amzdfy.com/	1969-12-31 23:59:59	Name: gc_id Value: 10707969765
.amzdfy.com/	1970-01-19 19:45:07	Name: _gcl_au Value: 1.1.390577299.1618531997
.snapchat.com/	1970-01-20 02:57:07	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIOJXjGUckTMHw3xLVuo4KfZecVSlh/YTFpt1MtM+A+Gwjwkd/BMUJ4zIAAAA=
.amzdfy.com/	1970-01-19 17:36:58	Name: _gid Value: GA1.2.1678267743.1618531997
.www.amzdfy.com/	1970-01-19 18:18:43	Name: __cfduid Value: d24e35f3b76eab23dbc7c3ed17f0537361618531996
www.amzdfy.com/	1970-01-20 02:21:07	Name: addevent_track_cookie Value: 5b725086-8c6c-4b6a-4668-e29a614c1df0
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:visitor_id Value: 3b0ce12d-0485-4379-bcbe-44ca369219dc
www.amzdfy.com/	1969-12-31 23:59:59	Name: utm_source Value: google
.amzdfy.com/	1970-01-19 19:45:07	Name: _fbp Value: fb.1.1618531997864.2070995746
.amzdfy.com/	1970-01-20 11:06:43	Name: _ga Value: GA1.2.1546604296.1618531997
www.amzdfy.com/	1969-12-31 23:59:59	Name: utm_medium Value: cpc
.amzdfy.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.amzdfy.com/	1970-01-19 19:45:07	Name: _gcl_aw Value: GCL.1618531997.Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:aff_sub3 Value:
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:NDc0ODIxODA Value: :visited=true
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:medium Value: cpc
.amzdfy.com/	1970-01-19 17:35:39	Name: oribi_session Value: e758c1d7-90ea-adcb-faa0-b39bfb42582a
.www.amzdfy.com/	1970-01-19 17:35:33	Name: __cf_bm Value: f63eb604e719a81f7fa969c11840ee0d61e15476-1618531996-1800-AVrdnIR8l3SbJj+Wi54FC46R1gCTWXaWKCArLcL0JbpuflP2quXVnooJPm5OOwTq07RwHpclQetnVWUx6HLwFy2gWC4IYN0g4St1NCWsq+gd
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:content Value:
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:source Value: google
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:term Value:
.amzdfy.com/	1970-01-19 19:45:07	Name: _rdt_uuid Value: 1618531997575.cce6e84e-c632-4f3d-9432-bc550b8afb71
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:cf_affiliate_id Value:
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:aff_sub Value:
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:aff_sub2 Value:
.amzdfy.com/	1969-12-31 23:59:59	Name: cf:name Value:
www.amzdfy.com/	1969-12-31 23:59:59	Name: gclid Value: Cj0KCQiA0MD_BRCTARIsADXoopbDB6BWCnXD8AuqwPQ21dyHRWanUklngFLfFvcUQwnugUrCjB1RqOQaApfzEALw_wcB

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.amzdfy.com/assets/lander.js(Line 112) Message: keen.io could not be loaded
console-api	log	URL: https://tag.segmetrics.io/a1vWm4.js(Line 1) Message: SegMetrics v2.3.0
console-api	log	URL: https://142331.tracking.hyros.com/v1/lst/universal-script?ph=5da86a128e5d7c901c843bdb0b8ecb3e5c815b31c127e10f825829f04bfdd703&tag=!tracking(Line 1) Message: %c [UTS] [gusid]: HB-ET_cd8c56a645a101a2548f5d16dcbb2de97100125bd88f1d5b1ecede511c1560aa color: green;
console-api	log	URL: https://142331.tracking.hyros.com/v1/lst/universal-script?ph=5da86a128e5d7c901c843bdb0b8ecb3e5c815b31c127e10f825829f04bfdd703&tag=!tracking(Line 1) Message: %c [UTS] [pc] color: green;

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

142331.tracking.hyros.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
app.clickfunnels.com
assets.clickfunnels.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.oribi.io
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gw.oribi.io
manychat.com
mccdn.me
s.pinimg.com
sc-static.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.segmetrics.io
tr.snapchat.com
track.addevent.com
track.segmetrics.io
use.fontawesome.com
widget.manychat.com
www.amzdfy.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
104.244.42.3
104.244.42.5
13.32.25.18
151.101.112.84
151.101.113.140
18.185.191.84
18.200.87.115
199.232.136.157
216.58.212.130
23.111.9.35
2600:9000:20e8:5e00:13:c079:7880:93a1
2604:a880:800:10::1b49:d001
2606:4700:20::681a:f87
2606:4700::6810:125e
2606:4700::6810:cc2
2606:4700::6810:ec2
2606:4700::6810:fc2
2620:1ec:46::19
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9c
2a00:1450:400c:c0d::9d
2a02:26f0:6c00:2a3::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.226.184
52.142.114.2
52.42.132.160
54.174.91.45
99.84.156.18
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0f05abf83e0d046e74915fa907786efd90826e25f086bae563ab0a972b334907
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
257dd6cd74a3c887e83a1f454cb446ffb19d25882760a47f886f3e01f42987fb
286b38b7d75184cacbc49451f6f47bf9a3e300d33d18c02a2283502255785fbe
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3ee3630396a683aceca39588bbb33dfcd1bdc231226cd2030219659810d12ab1
416f8f0495ba92daeea67e5485a162ca8062ffd1c0d276cb8a26e4537aecb520
456567424b09db1a6109143c9b68e0ca6c5281aa0048c4573840a23715789e57
4ae4799f983b9501a35fa3f88d0a52adc5edd7ef3fda4d0dd6611cdfbc0c459a
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d176e03d4f72799aec48021601e6475e9ac7f10b2e5aba614d22fcedc79e4f1
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
627cc3265b1b27d7a784de9ca62e2d4f8bf577a5f54ef917177d05d7acf2dbee
6afbca921f1feab9fa04944b9e0fd4d1f4abb5a9f0528d6bf32bf4e70adc678e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fd89d19383dc52535875138f8cd475a44299c4070a3a35fe7572fbdfc05646d
7007d8f0a310fa1bcf385532ebb81cb3468e1394f3a93c110ede353b818013e7
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7bb423d3e4ed0943dcfbb920651ea92fe3468e19d047ced423b8cd23f00f6c65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850420a74b035447dcf888c73803e7588d07aa16c80c3ee326c7c575186bd001
8c9c43644ae5f8f72d518a39e4d63cb08f77579cd676a634b5fa6960ae1dfcda
9195991596f8acb60df9e42982a0962a5f3d71cd75aa313d64f2638bc217f5e1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9941e4302952ab747f9fddea25a88e774b6fe961de75fad74f8b10cda1ab0356
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
a00423c01a7ee6d971a6b648d529ae72a6b00131c808b4d28ea4a0d0a1eb1de6
a4a1b24546c18a31f86adf221b492c318d870bd950f0ed10e4e881c37749e08b
a9537411ee70a9a6108ccf946b3c29856686dbc389f4a7eb596523df4ba48d64
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0a826fa53a52c446352d13c02654eff897691e910dbf3a3d79b44757fd37fea
b5f6a267c040f530d99b76b8179f484f419254dfd88002a024744589bd82c14c
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
ceefa5ae0dfd53fb6e488ddb9cbc4798d746f06e06cdd105be6b4211204dadf2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e2e100dccf35fc8fbda8298d47d2719362a984ff46eebf871a878376224071df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49bc275a3a7487ae7629980e1db49073bd7ed7c8ade4986f3ca4fbd78d20948
e51c628edea8a472eed700e7073967ddae61c6254400d87432f3d7a03a1b4845
e9204c6be951f768be3956b8caba9e0e1e4ffbea1e1fc1735ef73f6cfc4e0612
e9df6b8e1666b9f3b395e9dbb2db7211d5e0767c4499422da578d868c5f15aca
ebe60918db14e0c8d35a6d3734082e9e2e81fcb1816d7011a03db75d2bb091b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f236afb1cc457f51bb87588e33c4f4c552f8152c03cb0835419b406e55af1b78
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

www.amzdfy.com Open in urlscan Pro 2606:4700::6810:fc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

62 %IPv6

31 Domains

39 Subdomains

39 IPs

4 Countries

1266 kBTransfer

4217 kBSize

45 Cookies

0 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.amzdfy.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

62 %
IPv6

31
Domains

39
Subdomains

39
IPs

4
Countries

1266 kB
Transfer

4217 kB
Size

45
Cookies

109 HTTP transactions
0 data transactions