a.76674bdad304297eda3d325f449f6f49.com Open in urlscan Pro
2606:4700:3035::ac43:819a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://a.76674bdad304297eda3d325f449f6f49.com/
Effective URL:
http://a.76674bdad304297eda3d325f449f6f49.com/home/
Submission: On June 02 via manual (June 2nd 2020, 7:29:35 am UTC) from US

Summary HTTP 44 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 23 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3035::ac43:819a, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.76674bdad304297eda3d325f449f6f49.com.

This is the only time a.76674bdad304297eda3d325f449f6f49.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:303... 2606:4700:3035::ac43:819a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	147.75.32.125 147.75.32.125	54825 (PACKET) (PACKET)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
1	52.213.50.60 52.213.50.60	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
44	28

10 2606:4700:3035::ac43:819a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.76674bdad304297eda3d325f449f6f49.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress4

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States) 1 redirects

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.50.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-50-60.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	76674bdad304297eda3d325f449f6f49.com 1 redirects a.76674bdad304297eda3d325f449f6f49.com	4 KB
5	google-analytics.com 2 redirects www.google-analytics.com	71 KB
4	hubspot.com api.hubspot.com forms.hubspot.com track.hubspot.com	1 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	72 KB
3	google.de www.google.de	319 B
3	google.com 2 redirects www.google.com	467 B
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	t.co 1 redirects t.co	517 B
2	facebook.com 1 redirects www.facebook.com	597 B
2	facebook.net connect.facebook.net	160 KB
2	googletagmanager.com www.googletagmanager.com	46 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	atdmt.com cx.atdmt.com	467 B
1	twitter.com analytics.twitter.com	283 B
1	hs-banner.com js.hs-banner.com	6 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hscollectedforms.net js.hscollectedforms.net	21 KB
1	usemessages.com js.usemessages.com	14 KB
1	hsleadflows.net js.hsleadflows.net	65 KB
1	hs-analytics.net js.hs-analytics.net	22 KB
1	hs-scripts.com js.hs-scripts.com	1 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	11 KB
44	23

	Domain	Requested by
10	a.76674bdad304297eda3d325f449f6f49.com	1 redirects a.76674bdad304297eda3d325f449f6f49.com
5	www.google-analytics.com	2 redirects a.76674bdad304297eda3d325f449f6f49.com www.google-analytics.com
3	www.google.de	a.76674bdad304297eda3d325f449f6f49.com
3	www.google.com	2 redirects a.76674bdad304297eda3d325f449f6f49.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	t.co	1 redirects a.76674bdad304297eda3d325f449f6f49.com
2	stats.g.doubleclick.net	2 redirects
2	www.facebook.com	1 redirects a.76674bdad304297eda3d325f449f6f49.com
2	connect.facebook.net	a.76674bdad304297eda3d325f449f6f49.com connect.facebook.net
2	www.googletagmanager.com	a.76674bdad304297eda3d325f449f6f49.com
1	cx.atdmt.com
1	track.hubspot.com
1	analytics.twitter.com	static.ads-twitter.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	api.hubspot.com	js.usemessages.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ajax.googleapis.com	a.76674bdad304297eda3d325f449f6f49.com
1	fonts.googleapis.com	a.76674bdad304297eda3d325f449f6f49.com
44	30

This site contains links to these domains. Also see Links.

Domain
explorestack.com
wiki.appodeal.com
www.appodeal.com
blog.appodeal.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-16` - `2020-10-09`	10 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2020-05-15` - `2020-10-09`	5 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.hotjar.com Amazon	`2019-09-27` - `2020-10-27`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-04-19` - `2020-07-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Frame ID: 0271C747A104F3C0EEE4C3575F1A3569
Requests: 42 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-T44CZWC
Frame ID: 0F55571B9D934151256B58745D6ECEAD
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5E75C130B4C5249E0CD6A20775E9E8D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://a.76674bdad304297eda3d325f449f6f49.com/ HTTP 302
http://a.76674bdad304297eda3d325f449f6f49.com/home/ Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

91 %
HTTPS

72 %
IPv6

23
Domains

30
Subdomains

28
IPs

6
Countries

535 kB
Transfer

2262 kB
Size

9
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://explorestack.com/privacy-policy/?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://wiki.appodeal.com/en?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934
Title: Docs

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/about/?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934#contacts
Title: Contact

Search URL Search Domain Scan URL

URL: https://blog.appodeal.com/?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/terms-of-service/?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/privacy-policy/?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/sdk-license-agreement/?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934
Title: SDK License Agreement

Search URL Search Domain Scan URL

URL: http://www.appodeal.com/?__hstc=121489751.b8200bef3434ea0da191d86ed66c8886.1591082938097.1591082938097.1591082938097.1&__hssc=121489751.1.1591082938097&__hsfp=2017058934
Title: English

Search URL Search Domain Scan URL

URL: https://www.facebook.com/explorestack

Search URL Search Domain Scan URL

URL: https://twitter.com/explore_stack

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVY4t0W0CvCJ_CBSvYcasZg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a.76674bdad304297eda3d325f449f6f49.com/ HTTP 302
http://a.76674bdad304297eda3d325f449f6f49.com/home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1874953078&t=pageview&_s=1&dl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQ~&jid=1870406613&gjid=1278666797&cid=1564886471.1591082938&tid=UA-61673428-1&_gid=152364561.1591082938&_r=1&z=413499768 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_gid=152364561.1591082938&gjid=1278666797&_v=j82&z=413499768 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_v=j82&z=413499768 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_v=j82&z=413499768&slf_rd=1&random=3424760387

Request Chain 29

https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=1874953078&t=pageview&_s=1&dl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=628413196&gjid=858999476&cid=1564886471.1591082938&tid=UA-61673428-1&_gid=152364561.1591082938&_r=1&gtm=2wg5k1T44CZWC&z=930865675 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_gid=152364561.1591082938&gjid=858999476&_v=j82&z=930865675 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_v=j82&z=930865675 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_v=j82&z=930865675&slf_rd=1&random=1973476886

Request Chain 31

http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv0du&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0 HTTP 301
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv0du&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Request Chain 41

https://www.facebook.com/tr/?id=1468129376844388&ev=Microdata&dl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&rl=&if=false&ts=1591082939209&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1591082937705.900264687&it=1591082937616&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=9585939419973285048&f=AYwaHeaeoU1v5aQBn7GS6DT1NRRzKwUlRDqrHdKWoq7fhAAWdYl6_jbYi-rwYYioPN5havkeVNGqHd0xCCaOGVbJ&id=1468129376844388&l=3&v=0

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request / Show response
a.76674bdad304297eda3d325f449f6f49.com/home/
Redirect Chain

http://a.76674bdad304297eda3d325f449f6f49.com/
http://a.76674bdad304297eda3d325f449f6f49.com/home/

9 KB
3 KB

34ms
34ms

Document
text/html

2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

HTTP/1.1

Server

2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c37721dddca41322bd2ffebd16ba7d58c76f101313b384036955815617e4b18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: a.76674bdad304297eda3d325f449f6f49.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=d4b5f5001cc9225e8c3111b292c879b471591082937
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 07:28:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Request-Id: a3e06cb7-d3da-4ec3-a5df-fb49dee7eb07
X-Runtime: 0.016117
X-Backend-Server: 10.64.130.76:5001
CF-Cache-Status: DYNAMIC
cf-request-id: 031588046c0000beb0a4b0a200000001
Server: cloudflare
CF-RAY: 59cf75e71e56beb0-FRA
Content-Encoding: gzip

Redirect headers

Date: Tue, 02 Jun 2020 07:28:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d4b5f5001cc9225e8c3111b292c879b471591082937; expires=Thu, 02-Jul-20 07:28:57 GMT; path=/; domain=.76674bdad304297eda3d325f449f6f49.com; HttpOnly; SameSite=Lax
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Cache-Control: no-cache
X-Request-Id: 4589890b-b05d-4aba-bc1f-31eb83e669c5
X-Runtime: 0.003283
X-Backend-Server: 10.64.130.44:5001
CF-Cache-Status: DYNAMIC
cf-request-id: 031588044f0000beb0a4b09200000001
Server: cloudflare
CF-RAY: 59cf75e6ee2bbeb0-FRA

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap&subset=cyrillic

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89003ac843adb643c643e05d9de4d27e4db3778e47af75cefec2ce99d828e166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 07:28:57 GMT
server: ESF
date: Tue, 02 Jun 2020 07:28:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jun 2020 07:28:57 GMT

GET
H2 404 appodeal.css
a.76674bdad304297eda3d325f449f6f49.com/stylesheets/ 0
0 12ms
11ms Stylesheet
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/stylesheets/appodeal.css
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 07:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519123
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 May 2021 07:16:54 GMT

GET
H2 404 logo-white.svg
a.76674bdad304297eda3d325f449f6f49.com/assets/images/ 0
0 47ms
47ms Image
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/assets/images/logo-white.svg
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 error-404.png
a.76674bdad304297eda3d325f449f6f49.com/images/appodeal/assets/images/pages/apps/ 0
0 11ms
11ms Image
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/images/appodeal/assets/images/pages/apps/error-404.png
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 guest.css
a.76674bdad304297eda3d325f449f6f49.com/stylesheets/appodeal/ 0
0 18ms
18ms Stylesheet
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/stylesheets/appodeal/guest.css
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 appodeal.js
a.76674bdad304297eda3d325f449f6f49.com/javascripts/ 0
0 14ms
14ms Script
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/javascripts/appodeal.js
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
46 KB 39ms
37ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce2ffa5165031edba4128fa1e42d6430a947a37c1e739f61edc583e82a769165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47059
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jun 2020 07:28:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3022
date: Tue, 02 Jun 2020 06:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 02 Jun 2020 08:38:35 GMT

GET
H2

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

131 KB
31 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: RCbjzTvJVmfE/460g3zCXVB4s5vIrwiA62M1vHsGkveBPBN3CDG7g9ecxwrG809AVy36PPEYSb5PYsRLWgQzwA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 02 Jun 2020 07:28:57 GMT, Tue, 02 Jun 2020 07:28:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS

GET
H2 404 appodeal.css
a.76674bdad304297eda3d325f449f6f49.com/stylesheets/ 0
0 53ms
53ms Stylesheet
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/stylesheets/appodeal.css
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 guest.css
a.76674bdad304297eda3d325f449f6f49.com/stylesheets/appodeal/ 0
0 13ms
12ms Stylesheet
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/stylesheets/appodeal/guest.css
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 66 KB
26 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NH46S7J&cid=1564886471.1591082938

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41d58629909be9e45283346e1c6e3b6891f5f9f44f0758b3f674a15a8844aae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26760
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jun 2020 07:28:57 GMT

GET
H2 404 appodeal.js
a.76674bdad304297eda3d325f449f6f49.com/javascripts/ 0
0 12ms
12ms Script
text/html 2606:4700:3035::ac43:819a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.76674bdad304297eda3d325f449f6f49.com/javascripts/appodeal.js
Requested by: Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:819a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 1468129376844388 Show response
connect.facebook.net/signals/config/ 517 KB
129 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1468129376844388?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

660e21a7997c5280491cda491a92e59ccb0afbfb310c5ed7f5f7ab526317e52a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 131695
x-xss-protection: 0
pragma: public
x-fb-debug: VkdeP9XhNHH9QVwtXDdJ+vsYpuVjW2GyUwjZopR6R1uL2ixSyi61jCfyfCDN7j4ALG25yW38kC4NABnf8CAjiQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 02 Jun 2020 07:28:57 GMT, Tue, 02 Jun 2020 07:28:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 0F55 0
0 15ms
15ms Document
text/html 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-T44CZWC

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.googletagmanager.com
:scheme: https
:path: /ns.html?id=GTM-T44CZWC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Tue, 02 Jun 2020 07:28:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
content-length: 231
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 49ms
49ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC

Protocol

HTTP/1.1

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

20f2b7c4f6f460542ac14424e621a9aa42dbdd98447feb325b3e81e322598860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 02 Jun 2020 07:28:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5410868192711959244
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 10882
X-XSS-Protection: 0
Expires: Tue, 02 Jun 2020 07:28:57 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 50ms
50ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: gzip
age: 35842
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1591082938.696076,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 hotjar-1752884.js Show response
static.hotjar.com/c/ 3 KB
2 KB 124ms
123ms Script
application/javascript 147.75.32.125
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1752884.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress4

Software

Resource Hash

ffb4656f8d530c3cab9cf916b12b954ce833b7450f72d8ead875375f3ecd7aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
content-length: 1513
cache-control: max-age=60
etag: W/36d150e7694382178ea8d5cdf8f6351d
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.072
section-io-id: 770639eb663f135de12558ff09815704
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H/1.1 200
OK 5606823.js Show response
js.hs-scripts.com/ 3 KB
1 KB 12ms
12ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://js.hs-scripts.com/5606823.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC
Protocol: HTTP/1.1
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afdd744ff979fe944d568f2f8143700976dc4f74f22a9804f3f2146b214a8b0f

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 07:28:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 23
Cf-Polished: origSize=2704
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 031588054d0000bef63f358200000001
Cf-Bgj: minify
Server: cloudflare
X-Trace: 2BFC8EF21A3CA1A40DE771E99F5B0642B231D9F338000000000000000000
Access-Control-Max-Age: 3600
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: http://a.76674bdad304297eda3d325f449f6f49.com
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
CF-RAY: 59cf75e87ce7bef6-FRA
Expires: Tue, 02 Jun 2020 07:29:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1468129376844388&ev=PageView&dl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&rl=&if=false&ts=1591082937706&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591082937705.900264687&it=1591082937616&coo=false&rqm=GET

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT, Tue, 02 Jun 2020 07:28:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 02 Jun 2020 07:28:57 GMT

GET
H/1.1 200
OK 5606823.js Show response
js.hs-analytics.net/analytics/1591082700000/ 60 KB
22 KB 19ms
17ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://js.hs-analytics.net/analytics/1591082700000/5606823.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: HTTP/1.1
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28461ed4882fac05a38cd595e60d7a065a9760d1b99d5d2df47a6ac5e0d6e81

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 07:28:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 23
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 9ECABBF7A4208868
x-amz-id-2: 18fPnAYizHLeT/sVoxRIMP/l45SFrILz7jMwL6zg1WTyMQy87ubGnAoaFEF/EX/Gm92wG+OGjvg=
Last-Modified: Wed, 06 May 2020 14:59:05 GMT
Server: cloudflare
ETag: W/"c155eb66036b0596e564d0b5d4a9c59d"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=300, public
Access-Control-Allow-Credentials: false
x-amz-version-id: null
cf-request-id: 03158805710000dfbf62085200000001
CF-RAY: 59cf75e8b924dfbf-FRA
Expires: Tue, 02 Jun 2020 07:33:34 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 401 KB
65 KB 18ms
15ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6dc5134f72d3971c1518e47c1fcd78e5d9453483002d6803d77aab4cf6ad8d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Origin: http://a.76674bdad304297eda3d325f449f6f49.com

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
via: 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 22
x-amz-server-side-encryption: AES256
cf-ray: 59cf75e8bcc516e6-FRA
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0315880572000016e6fe831200000001
last-modified: Wed, 27 May 2020 04:28:16 UTC
server: cloudflare
etag: W/"7cb782aaf2f19b578b22dc0a0b8506fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: BzNxK9ep8OIiYi7Z1ec0Ri_14POPm8cG
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-amz-cf-pop: IAD89-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 2_YL5EXkmqvFTZZ35VGSL0dMwezJ5KUKNwaEnxCAsKB5AD8H8ELeDQ==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 61 KB
14 KB 24ms
22ms Script
application/javascript 2606:4700::6811:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aed74fd98182daf57229524cedcb4c1aaa2a35784d2794fcd010929e9a3b71f

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
via: 1.1 9acd372742573b89975d7dceea2dc950.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 126
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 03158805730000324057b21200000001
last-modified: Mon, 01 Jun 2020 03:15:02 UTC
server: cloudflare
etag: W/"11132d4a37a47a57f0f8a10cecc87d58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ua7grJQ.ymf7gf1v7Ia_tOenkc6PeOiS
cache-control: max-age=600
x-amz-cf-pop: IAD89-C2
cf-ray: 59cf75e8b81e3240-FRA
x-amz-cf-id: HVwjujLldsXPwzWIjznTvFWhT1qEerf1an3seAgfCNmgjddkdVZ8_Q==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 85 KB
21 KB 15ms
13ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f67ceb15b2cf93b683178360b1195f61b865fa9479e97b73e53a3e165b1fa57

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
Origin: http://a.76674bdad304297eda3d325f449f6f49.com

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
via: 1.1 530b01c2c88db2b27d295e2504b501cb.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 22
x-amz-server-side-encryption: AES256
cf-ray: 59cf75e8bd5905c8-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0315880572000005c8b99c4200000001
last-modified: Mon, 20 Apr 2020 09:12:46 UTC
server: cloudflare
etag: W/"23f8e96d324269dda8d82175be7efa12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: wo_5cw_xO3mr17fyf9jwyXZ_RPPlOqx1
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-amz-cf-pop: IAD89-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: a7K3jbnET4OxowJymdyb_k1FGr1jKlonXJ_gzj1ckLD9OQgFFC5z3g==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 4 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf46a9c9af0c556c0272432efe1e9958c13b695bc6e6e8b59c34dc8e2f35e7cd

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
via: 1.1 2ad0cde89ab58d454177893ae4447f50.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 03158805730000061c7bb2b200000001
last-modified: Mon, 01 Jun 2020 01:00:35 UTC
server: cloudflare
etag: W/"331cf22d59b30c68a482c4b1c62061df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1RauLYcuJp4vdDf2IJVmL1GraP6zDoEb
cache-control: max-age=600
x-amz-cf-pop: IAD89-C1
cf-ray: 59cf75e8b94a061c-FRA
x-amz-cf-id: DB2suDRRaTiYzMNDpQr2AdoOGFlVlXyiTRkGhewKNeE0HYpRtlyoJQ==

GET
H2 200 5606823.js Show response
js.hs-banner.com/ 26 KB
6 KB 16ms
14ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5606823.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2f794d884831cf76ab7f16e55a2bacf8e0f2d9e105f7b3e75e405d1a4b8697

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=QDzcTA==, md5=sjqp/uJoa3RVDM20SPwWjQ==
date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 23
x-guploader-uploadid: AAANsUknXaTl9f4ZsfBt7oxNr_ZFazXfR9c4TSwz5A_YWBwh-zUidgRjNeA2KIAWuhFNZulIM90NdNZ2nuZxz-bhYw
x-goog-storage-class: STANDARD
status: 200
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 03158805720000dff78181a200000001
timing-allow-origin: *
last-modified: Wed, 27 May 2020 03:59:37 GMT
server: cloudflare
etag: W/"b23aa9fee2686b74550ccdb448fc168d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1590551977987540
access-control-allow-origin: https://www.appodeal.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 26572
cf-ray: 59cf75e8bf79dff7-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 02 Jun 2020 07:33:34 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 66 KB
26 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T2MJCJM&t=gtm2&cid=1564886471.1591082938&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94bba5bf2fd946047b33a63c66b1304f3f4cad7b7d47c5465bdcfb3943b8c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26729
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jun 2020 07:28:57 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1874953078&t=pageview&_s=1&dl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20lo...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_gid=152364561.1591082938&gjid=1278666797&_v=j82&z=413499768
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_v=j82&z=413499768
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_v=j82&z=413499768&slf_rd=1&random=3424760387

42 B
106 B

19ms
18ms

Image
image/gif

2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_v=j82&z=413499768&slf_rd=1&random=3424760387

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=1870406613&_v=j82&z=413499768&slf_rd=1&random=3424760387
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=1874953078&t=pageview&_s=1&dl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&ul=en-us&de=UTF-8&dt=The%20page%20you%20wer...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_gid=152364561.1591082938&gjid=858999476&_v=j82&z=930865675
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_v=j82&z=930865675
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_v=j82&z=930865675&slf_rd=1&random=1973476886

42 B
106 B

18ms
16ms

Image
image/gif

2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_v=j82&z=930865675&slf_rd=1&random=1973476886

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61673428-1&cid=1564886471.1591082938&jid=628413196&_v=j82&z=930865675&slf_rd=1&random=1973476886
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/ 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/?random=1591082937741&cv=9&fst=1591082937741&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eedadef3db437b0dd693b96603ca14afe92c522780453c5e36d287e088ef8cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv0du&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv0du&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

43 B
170 B

154ms
154ms

Image
image/gif

104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv0du&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Tue, 02 Jun 2020 07:28:58 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 528e340aced987d82e61f2d9291f311d
x-transaction: 0097cae900dda21d
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

location: https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv0du&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
x-response-time: 107
date: Tue, 02 Jun 2020 07:28:57 GMT
server: tsa_o
x-connection-hash: b4e91c631efc494b8529720423d302e9
content-length: 0

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 285 B
384 B 119ms
118ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5606823&conversations-embed=static-1.6665&mobile=false&messagesUtk=c145c4267f0a42029d30745793c3308e&traceId=c145c4267f0a42029d30745793c3308e

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ec5c00f9f13dae7d6ff4285e0e04b04153bbfc2c765ee5d3ac1bd97c5b93a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
X-HubSpot-Messages-Uri: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Response headers

date: Tue, 02 Jun 2020 07:28:58 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 227
cf-request-id: 0315880622000005b376b47200000001
server: cloudflare
x-trace: 2BF6A015E169FE5038B8CF29AA55BF6D2F89CF680E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://a.76674bdad304297eda3d325f449f6f49.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 59cf75e9dce905b3-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 /
www.google.com/pagead/1p-user-list/957603572/ 42 B
112 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957603572/?random=1591082937741&cv=9&fst=1591081200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&async=1&fmt=3&is_vtc=1&random=951329457&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957603572/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957603572/?random=1591082937741&cv=9&fst=1591081200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&async=1&fmt=3&is_vtc=1&random=951329457&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: a.76674bdad304297eda3d325f449f6f49.com
URL: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.aacb7ef51999cabcc7d1.js Show response
script.hotjar.com/ 369 KB
70 KB 51ms
50ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.aacb7ef51999cabcc7d1.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1752884.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress9
Software: /
Resource Hash: 92f435fb18fd816783c818b5c6ef3f57ae162dc7c33050e14c71bdf4599cf03d

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:58 GMT
content-encoding: br
age: 431920
status: 200
section-io-cache: Hit
content-length: 71343
last-modified: Thu, 28 May 2020 07:27:10 GMT
etag: "44ec4f8c240a56491c9fa5d2555784da"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.036
section-io-id: f7bc2b98eddd0ed88d3d6dfe001fdfbf
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
289 B 112ms
112ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=5606823&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f2af714b09bee827bf9a5467d2f9afb4455478a8377d6a9076a71f49e65498e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 03158805d9000005b376b3e200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://a.76674bdad304297eda3d325f449f6f49.com
access-control-allow-credentials: false
cf-ray: 59cf75e95b9d05b3-FRA
access-control-allow-headers: *

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5E75 0
0 48ms
48ms Document
text/html 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1752884.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress3
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/

Response headers

status: 200
date: Tue, 02 Jun 2020 07:28:57 GMT
content-type: text/html
content-length: 851
last-modified: Fri, 22 May 2020 15:20:09 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.085
section-origin-responded: true
age: 757138
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 8f3eb3704d5a572ef3ffd9ec7bb9c464

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1752884/ 178 B
321 B 70ms
69ms XHR
application/json 52.213.50.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1752884/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.aacb7ef51999cabcc7d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.50.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 78aeb854553a78a3556d7c15fee85d1d4232d6c2ec90d35d59dc2a9da49660ca

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 02 Jun 2020 07:28:57 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
283 B 163ms
162ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv0du&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Tue, 02 Jun 2020 07:28:58 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: df527d0de7535cae55b7016fdd5c4f83
x-transaction: 0005d562000775d2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
258 B 28ms
28ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=5606823&pu=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&t=The+page+you+were+looking+for+doesn%27t+exist+(404)+%7C+Appodeal+Intelligent+Ad+Mediation&cts=1591082938099&vi=b8200bef3434ea0da191d86ed66c8886&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 59cf75eb2ff16425-FRA
date: Tue, 02 Jun 2020 07:28:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 03158806f900006425ab279200000001
x-robots-tag: none

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1468129376844388&ev=Microdata&dl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F&rl=&if=false&ts=1591082939209&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22titl...
https://cx.atdmt.com/?c=9585939419973285048&f=AYwaHeaeoU1v5aQBn7GS6DT1NRRzKwUlRDqrHdKWoq7fhAAWdYl6_jbYi-rwYYioPN5havkeVNGqHd0xCCaOGVbJ&id=1468129376844388&l=3&v=0

42 B
467 B

53ms
38ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=9585939419973285048&f=AYwaHeaeoU1v5aQBn7GS6DT1NRRzKwUlRDqrHdKWoq7fhAAWdYl6_jbYi-rwYYioPN5havkeVNGqHd0xCCaOGVbJ&id=1468129376844388&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 07:28:59 GMT, Tue, 02 Jun 2020 07:28:59 GMT, Tue, 02 Jun 2020 07:28:59 GMT
content-type: image/gif
alt-svc: h3-27=":443"; ma=3600
content-length: 42
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma: no-cache
date: Tue, 02 Jun 2020 07:28:59 GMT, Tue, 02 Jun 2020 07:28:59 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=9585939419973285048&f=AYwaHeaeoU1v5aQBn7GS6DT1NRRzKwUlRDqrHdKWoq7fhAAWdYl6_jbYi-rwYYioPN5havkeVNGqHd0xCCaOGVbJ&id=1468129376844388&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
484 B 138ms
138ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5606823&currentUrl=http%3A%2F%2Fa.76674bdad304297eda3d325f449f6f49.com%2Fhome%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae05382f851df48babaed701a909163670748c421e85df3f40b3f4d0a0336dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://a.76674bdad304297eda3d325f449f6f49.com/home/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 07:29:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 0315882cce000005b376b62200000001
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://a.76674bdad304297eda3d325f449f6f49.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 59cf7627b86705b3-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.76674bdad304297eda3d325f449f6f49.com/	1970-01-19 09:58:02	Name: _gat_UA-61673428-1 Value: 1
a.76674bdad304297eda3d325f449f6f49.com/	1969-12-31 23:59:59	Name: _hjIncludedInSample Value: 1
.76674bdad304297eda3d325f449f6f49.com/	1969-12-31 23:59:59	Name: _hjid Value: 8b860d73-d9c8-4d88-92f2-4c2465e25e11
.76674bdad304297eda3d325f449f6f49.com/	1970-01-19 09:58:02	Name: _gat Value: 1
.76674bdad304297eda3d325f449f6f49.com/	1970-01-19 12:07:38	Name: _fbp Value: fb.1.1591082937705.900264687
.76674bdad304297eda3d325f449f6f49.com/	1970-01-19 10:41:14	Name: __cfduid Value: d4b5f5001cc9225e8c3111b292c879b471591082937
.76674bdad304297eda3d325f449f6f49.com/	1970-01-19 12:07:38	Name: _gcl_au Value: 1.1.140991749.1591082938
.76674bdad304297eda3d325f449f6f49.com/	1970-01-19 09:59:29	Name: _gid Value: GA1.2.152364561.1591082938
.76674bdad304297eda3d325f449f6f49.com/	1970-01-20 03:29:14	Name: _ga Value: GA1.2.1564886471.1591082938

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.76674bdad304297eda3d325f449f6f49.com
ajax.googleapis.com
analytics.twitter.com
api.hubspot.com
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.197
104.244.42.3
147.75.102.13
147.75.32.125
147.75.33.131
151.101.112.157
216.58.206.2
2606:4700:3035::ac43:819a
2606:4700::6811:47b0
2606:4700::6811:71b0
2606:4700::6811:7fab
2606:4700::6811:d2cc
2606:4700::6811:e8cc
2606:4700::6811:ebcc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:801::200e
2a00:1450:4001:806::2004
2a00:1450:4001:815::200a
2a00:1450:4001:816::2003
2a00:1450:4001:81a::200a
2a00:1450:400c:c00::9a
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.213.50.60
0f67ceb15b2cf93b683178360b1195f61b865fa9479e97b73e53a3e165b1fa57
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1aed74fd98182daf57229524cedcb4c1aaa2a35784d2794fcd010929e9a3b71f
20f2b7c4f6f460542ac14424e621a9aa42dbdd98447feb325b3e81e322598860
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
41d58629909be9e45283346e1c6e3b6891f5f9f44f0758b3f674a15a8844aae0
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
660e21a7997c5280491cda491a92e59ccb0afbfb310c5ed7f5f7ab526317e52a
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
78aeb854553a78a3556d7c15fee85d1d4232d6c2ec90d35d59dc2a9da49660ca
89003ac843adb643c643e05d9de4d27e4db3778e47af75cefec2ce99d828e166
8f2af714b09bee827bf9a5467d2f9afb4455478a8377d6a9076a71f49e65498e
92f435fb18fd816783c818b5c6ef3f57ae162dc7c33050e14c71bdf4599cf03d
94bba5bf2fd946047b33a63c66b1304f3f4cad7b7d47c5465bdcfb3943b8c309
a6dc5134f72d3971c1518e47c1fcd78e5d9453483002d6803d77aab4cf6ad8d8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afdd744ff979fe944d568f2f8143700976dc4f74f22a9804f3f2146b214a8b0f
b2ec5c00f9f13dae7d6ff4285e0e04b04153bbfc2c765ee5d3ac1bd97c5b93a0
bae05382f851df48babaed701a909163670748c421e85df3f40b3f4d0a0336dd
bf46a9c9af0c556c0272432efe1e9958c13b695bc6e6e8b59c34dc8e2f35e7cd
c37721dddca41322bd2ffebd16ba7d58c76f101313b384036955815617e4b18e
cb2f794d884831cf76ab7f16e55a2bacf8e0f2d9e105f7b3e75e405d1a4b8697
ce2ffa5165031edba4128fa1e42d6430a947a37c1e739f61edc583e82a769165
d28461ed4882fac05a38cd595e60d7a065a9760d1b99d5d2df47a6ac5e0d6e81
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eedadef3db437b0dd693b96603ca14afe92c522780453c5e36d287e088ef8cd8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffb4656f8d530c3cab9cf916b12b954ce833b7450f72d8ead875375f3ecd7aa6

a.76674bdad304297eda3d325f449f6f49.com Open in urlscan Pro 2606:4700:3035::ac43:819a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

91 %HTTPS

72 %IPv6

23 Domains

30 Subdomains

28 IPs

6 Countries

535 kBTransfer

2262 kBSize

9 Cookies

11 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

a.76674bdad304297eda3d325f449f6f49.com Open in urlscan Pro
2606:4700:3035::ac43:819a Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

91 %
HTTPS

72 %
IPv6

23
Domains

30
Subdomains

28
IPs

6
Countries

535 kB
Transfer

2262 kB
Size

9
Cookies

44 HTTP transactions
0 data transactions