messenger-total-promotions.printavo.com Open in urlscan Pro
45.223.138.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969?preauth=eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2ODIyNzEwODMsIm...
Effective URL:
https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Submission Tags: falconsandbox
Submission: On April 20 via api (April 20th 2023, 6:39:37 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 30 domains to perform 86 HTTP transactions. The main IP is 45.223.138.129, located in United States and belongs to INCAPSULA, US. The main domain is messenger-total-promotions.printavo.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q1 on April 4th 2023. Valid for: 6 months.

This is the only time messenger-total-promotions.printavo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	45.223.138.129 45.223.138.129	19551 (INCAPSULA) (INCAPSULA)
12	13.32.118.55 13.32.118.55	16509 (AMAZON-02) (AMAZON-02)
3	13.35.252.40 13.35.252.40	16509 (AMAZON-02) (AMAZON-02)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	52.216.208.225 52.216.208.225	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f028:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a02:26f0:480... 2a02:26f0:480:e::210:f108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:215... 2600:9000:2156:2600:1b:e643:4ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:1200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	75.101.184.39 75.101.184.39	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:205... 2600:9000:205e:d800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:350... 2a02:26f0:3500:88f::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	54.187.99.131 54.187.99.131	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:76be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
86	35

4 45.223.138.129 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

messenger-total-promotions.printavo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.32.118.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-55.fra60.r.cloudfront.net

djqnomyzwkbyb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.252.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-252-40.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.filestackcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.208.225 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

www-printavo-com.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f028:100:face:b00c:0:3 (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:e::210:f108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2600:1b:e643:4ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.attributionapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:1200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.184.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-184-39.compute-1.amazonaws.com

track.attributionapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:205e:d800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:88f::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.99.131 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-99-131.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:76be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cloudfront.net djqnomyzwkbyb.cloudfront.net	1008 KB
10	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 776	27 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198	116 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	279 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	352 KB
4	printavo.com 1 redirects messenger-total-promotions.printavo.com	47 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3425	670 B
3	google.com www.google.com — Cisco Umbrella Rank: 16	670 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 926	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	20 KB
3	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	15 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 896	18 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	16 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	734 B
2	attributionapp.com scripts.attributionapp.com — Cisco Umbrella Rank: 141138 track.attributionapp.com — Cisco Umbrella Rank: 116661	49 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	172 KB
2	filestackcontent.com cdn.filestackcontent.com — Cisco Umbrella Rank: 24894	17 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 477	397 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 4128	903 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 5659	943 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5516	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3866	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3809	64 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4130	898 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1867	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1749	8 KB
1	amazonaws.com www-printavo-com.s3.amazonaws.com	74 KB
86	30

	Domain	Requested by
12	djqnomyzwkbyb.cloudfront.net	messenger-total-promotions.printavo.com djqnomyzwkbyb.cloudfront.net
10	js-agent.newrelic.com	messenger-total-promotions.printavo.com
6	www.facebook.com	messenger-total-promotions.printavo.com
4	connect.facebook.net	messenger-total-promotions.printavo.com connect.facebook.net
4	messenger-total-promotions.printavo.com	1 redirects messenger-total-promotions.printavo.com
3	www.google.de	messenger-total-promotions.printavo.com
3	www.google.com	messenger-total-promotions.printavo.com
3	ct.pinterest.com	messenger-total-promotions.printavo.com s.pinimg.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com messenger-total-promotions.printavo.com
3	q.stripe.com	messenger-total-promotions.printavo.com
3	snap.licdn.com	messenger-total-promotions.printavo.com www.googletagmanager.com js.hsadspixel.net
3	js.stripe.com	messenger-total-promotions.printavo.com js.stripe.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com messenger-total-promotions.printavo.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	messenger-total-promotions.printavo.com
2	www.googletagmanager.com	messenger-total-promotions.printavo.com www.googletagmanager.com
2	cdn.filestackcontent.com	messenger-total-promotions.printavo.com
1	bam.nr-data.net	js-agent.newrelic.com
1	track.hubspot.com
1	api.hubapi.com	messenger-total-promotions.printavo.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	messenger-total-promotions.printavo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	track.attributionapp.com	messenger-total-promotions.printavo.com
1	alb.reddit.com	messenger-total-promotions.printavo.com
1	px4.ads.linkedin.com	messenger-total-promotions.printavo.com
1	www.linkedin.com	1 redirects
1	www.redditstatic.com	messenger-total-promotions.printavo.com
1	scripts.attributionapp.com	messenger-total-promotions.printavo.com
1	www-printavo-com.s3.amazonaws.com	messenger-total-promotions.printavo.com
86	37

This site contains links to these domains. Also see Links.

Domain
cdn.filestackcontent.com
mtpprint.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-04-04` - `2023-10-01`	6 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.filestackcontent.com R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-28` - `2023-04-28`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.attributionapp.com Sectigo ECC Domain Validation Secure Server CA	`2023-03-01` - `2024-03-17`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
track.attributionapp.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Frame ID: C835B380908D5812A535ABEE5D3B2446
Requests: 77 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 717ECFC8CCCA79F36F8141B2B08BB5A3
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A36990A77975287A16E8E65439E1EECA
Requests: 4 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9BEE95C52ED4ED78C21BD18D302C507C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Printavo - #20078 - Messenger Total Promotions

Page URL History Show full URLs

https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969?preauth=eyJhbGciOiJSUzI1NiJ9.eyJleH... HTTP 302
https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969 Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

99 %
HTTPS

64 %
IPv6

30
Domains

37
Subdomains

35
IPs

4
Countries

2050 kB
Transfer

6518 kB
Size

33
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.filestackcontent.com/6noRvf6sS6iqiosOERKM+.png

Search URL Search Domain Scan URL

URL: https://cdn.filestackcontent.com/TfsTmMhTv20Yr22Pnu4k+.png

Search URL Search Domain Scan URL

URL: https://mtpprint.com/
Title: https://mtpprint.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969?preauth=eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2ODIyNzEwODMsImlzcyI6NjYwMzYzNywidmVyIjoiY3VzdG9tZXItcHJlYXV0aC12MSIsIm9yZGVyX2lkIjoxMTU0MjcyNH0.Rx-Y0LkIveujfM8yVg9bMT6k4TrevB7T9dHn5pBzISK_51_1hHWqTwN4LQJwAcOsOvvS0_PmOnnnz7evIk1t8886gCnrPRaD5Sk8gQkhBd2uHWw4JC0WX_bERj9xHJhuIzdp_6fVIX_GLwzD5wMYbz2_36_03T8ri_wsQhbK_rEpK_3LIF0tL9xOcmU2Wx72dswrE14fIIj6vjpHIXFyHpG3AIbJ0L6WCbcmJMtoMDS1tLJKsrEGG7pUpy7d3LkCUnw9bQP-8d_fwp0RcSkxlKO6LFG22YV8McdkNGTmxKSrYkeG_SFVvnEIJnFa6nJ4Z1mPtaHkAEhzgljdTKjXtA HTTP 302
https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D83282%26time%3D1682015971786%26url%3Dhttps%253A%252F%252Fmessenger-total-promotions.printavo.com%252Finvoice%252Fcc72ce0953900719f5a3a16b86a63969%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&liSync=true&e_ipv6=AQL471bHw5Np9QAAAYef9usdzcC3MioMrNbvsxN1gpozObiJKwDNFuLD7tuAaJisxAUNqI2y

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cc72ce0953900719f5a3a16b86a63969 Show response
messenger-total-promotions.printavo.com/invoice/
Redirect Chain

https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969?preauth=eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2ODIyNzEwODMsImlzcyI6NjYwMzYzNywidmVyIjoiY3VzdG9tZXItcHJlYXV0aC12MSI...
https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

79 KB
24 KB

446ms
446ms

Document
text/html

45.223.138.129
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.138.129 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy /

Resource Hash

89de17780e3cc637b3d29634d595744af7466c3a2c1eb17ff4b86875f5ebde3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 18:39:30 GMT
etag: W/"b51c58ca6ec251716f15a7d190e7ed52"
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
via: 1.1 vegur
x-cdn: Imperva
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-iinfo: 9-112940321-112940409 NNNN CT(95 100 0) RT(1682015969974 498) q(0 0 2 -1) r(5 5) U24
x-permitted-cross-domain-policies: none
x-request-id: b44aa7ca-20e4-4009-a9d9-4a6e0867824d
x-robots-tag: noindex, nofollow, noarchive
x-runtime: 0.134537
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 18:39:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
via: 1.1 vegur
x-cdn: Imperva
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-iinfo: 1009-112940321-112940345 NNNN CT(95 106 0) RT(1682015969974 112) q(0 0 2 1) r(4 4) U24
x-permitted-cross-domain-policies: none
x-request-id: b228d9a0-ed99-488b-a931-24c8178fd3ae
x-robots-tag: noindex, nofollow, noarchive
x-runtime: 0.068785
x-xss-protection: 1; mode=block

GET
H2 200 application.db1ef9fa.css
djqnomyzwkbyb.cloudfront.net/vite/assets/ 17 KB
5 KB 47ms
8ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/vite/assets/application.db1ef9fa.css

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

db1ef9fa5b036f6f50bbed87f120ec64c6fb9d8480876a9ccee4068425d72660

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 03:09:23 GMT
access-control-request-method: GET,OPTIONS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 228607
x-cache: Hit from cloudfront
x-iinfo: 7-44221805-44221806 NNNN CT(100 103 0) RT(1681787364294 2) q(0 0 3 1) r(4 4) U24
content-length: 4121
last-modified: Tue, 18 Apr 2023 02:51:28 GMT
server: Cowboy
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: 7UgrcglrKs8rNcOYyvBafXwXh-XI74V-StU_0MbBLVzS4a0CzuPQHw==

GET
H2 200 application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css
djqnomyzwkbyb.cloudfront.net/assets/ 453 KB
88 KB 47ms
9ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

23bba3e206a97faa6d5277f653e709e884f50aa46748ea0f5aca19f960bc2ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 03:36:51 GMT
access-control-request-method: GET,OPTIONS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 226960
x-cache: Hit from cloudfront
x-iinfo: 8-118927588-118927590 NNNN CT(93 97 0) RT(1681789011153 6) q(0 0 2 0) r(2 3) U24
content-length: 89125
last-modified: Tue, 18 Apr 2023 03:05:56 GMT
server: Cowboy
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: 9lTgXylP89Ai9CsO8G7P20ZpVCzJWgqJlNy9r_M5H2CR_Ko5V8mVjA==

GET
H2 200 app-804f19f2e794be05b4492c131de42ccfe2d9fd20cffb08f7faf33b3b9ab09252.css
djqnomyzwkbyb.cloudfront.net/assets/ 71 KB
16 KB 59ms
21ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/app-804f19f2e794be05b4492c131de42ccfe2d9fd20cffb08f7faf33b3b9ab09252.css

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

bf348b6290f1401bdb762ac5b549d96180f8823cef2252c50230f19498cb6fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 12:42:25 GMT
access-control-request-method: GET,OPTIONS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 1663025
x-cache: Hit from cloudfront
x-iinfo: 8-16059904-16059907 NNNN CT(102 104 0) RT(1680352945761 7) q(0 0 2 1) r(3 3) U24
content-length: 16204
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: DadCD7RIAH2oCgaZWeJrqdgCY7eOdhlDWch_h75GMvms0SvWA0KKNw==

GET
H2 200 responsive-ca68c5738ad1a48fc59fe1baff3605ee09ae07ff9226009bce90c48beb0b7f88.css
djqnomyzwkbyb.cloudfront.net/assets/ 44 KB
8 KB 60ms
23ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/responsive-ca68c5738ad1a48fc59fe1baff3605ee09ae07ff9226009bce90c48beb0b7f88.css

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

101f58547fbac086bb6abac881a5469bac87289b25a177e32eb61ea841def2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:51:05 GMT
access-control-request-method: GET,OPTIONS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 323305
x-cache: Hit from cloudfront
x-iinfo: 3-36493474-36493475 NNNN CT(96 102 0) RT(1681692665160 4) q(0 0 2 0) r(3 3) U24
content-length: 7419
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: HJJj-PQE7x29WXOGkfMivelaz5icRBiOVWRHfR2OMAHeZxm-f9REzQ==

GET
H2 200 application-b84baaa7c00fcc2e9ccb3f8bfc884e59885ded4daab75ac018aa3bde0e1543ce.js Show response
djqnomyzwkbyb.cloudfront.net/assets/ 2 MB
631 KB 62ms
24ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/application-b84baaa7c00fcc2e9ccb3f8bfc884e59885ded4daab75ac018aa3bde0e1543ce.js

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

6813032b4bfc4718236b3315084e1ca7a7f3f3f8c43b0746f1eb3a39017ce560

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 04:43:48 GMT
access-control-request-method: GET,OPTIONS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 1605342
x-cache: Hit from cloudfront
x-iinfo: 11-100533685-100533686 NNNN CT(95 98 0) RT(1680410628658 6) q(0 0 2 0) r(3 3) U24
content-length: 644949
last-modified: Tue, 07 Mar 2023 01:31:04 GMT
server: Cowboy
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: CFKqJqdUYgis7hwC65SREqgGypBHhk8EuGwjcc04Yqr2d2wI4YRC6w==

GET
H2 200 / Show response
js.stripe.com/v3/ 463 KB
111 KB 60ms
10ms Script
text/javascript 13.35.252.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.252.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-252-40.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a2b05251d8b8c6398b5c64c9ba15d9cc917381474ae77d24aeb6242fc5ba7087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 18:39:10 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 21
x-cache: Hit from cloudfront
last-modified: Thu, 20 Apr 2023 17:39:55 GMT
server: Cloudfront
etag: W/"1253c080fca94decd8be23f2b2b76021"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: rrqEBZzsnW7sPbQTwhVER0E-l5dtUvV6WcqoePqCAc4XtTSvOHAoqA==

GET
H2 200 6noRvf6sS6iqiosOERKM
cdn.filestackcontent.com/ABjoiQcT3RRWaUMItoA6uz/resize=width:100,height:100/rotate=deg:exif/https://cdn.filestackcontent.com/ 7 KB
8 KB 128ms
99ms Image
image/png 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.filestackcontent.com/ABjoiQcT3RRWaUMItoA6uz/resize=width:100,height:100/rotate=deg:exif/https://cdn.filestackcontent.com/6noRvf6sS6iqiosOERKM
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cfead84d58465d990974c187dacc5de27c5da8f27ee144a8c20ebc1de9c9ba8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 9714
x-cache: HIT, MISS
content-disposition: inline; filename="20078 ASUS_Design.png"
content-length: 7458
x-served-by: cache-iad-kjyo7100059-IAD, cache-fra-eddf8230030-FRA
last-modified: Tue, 11 Apr 2023 16:22:54 GMT
x-timer: S1682015972.536085,VS0,VE91
etag: "68df1784d213e699e7c42970a0c2bdaf"
x-file-name: 20078 ASUS_Design.png
access-control-max-age: 21600
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=1843343
filestack-trace-id: 1682006257-SAIm1x2zSM
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 5, 0

GET
H2 200 TfsTmMhTv20Yr22Pnu4k
cdn.filestackcontent.com/ABjoiQcT3RRWaUMItoA6uz/resize=width:100,height:100/rotate=deg:exif/https://cdn.filestackcontent.com/ 9 KB
10 KB 103ms
99ms Image
image/png 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.filestackcontent.com/ABjoiQcT3RRWaUMItoA6uz/resize=width:100,height:100/rotate=deg:exif/https://cdn.filestackcontent.com/TfsTmMhTv20Yr22Pnu4k
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af084fe75051a69aac3d0d00c3f0592461593f126e75f9ba12174670d9d9d9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 169601
x-cache: HIT, MISS
content-disposition: inline; filename="20078 Art Proof-01.png"
content-length: 9628
x-served-by: cache-iad-kiad7000091-IAD, cache-fra-eddf8230030-FRA
last-modified: Tue, 18 Apr 2023 19:32:51 GMT
x-timer: S1682015972.536064,VS0,VE90
etag: "f3e5f6266a3d15b5457666c36134fa55"
x-file-name: 20078 Art Proof-01.png
access-control-max-age: 21600
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2608030
filestack-trace-id: 1681846369-zuM6DBrWSQ
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 6, 0

GET
H/1.1 200
OK thumb2x_mtp_printavo.png
www-printavo-com.s3.amazonaws.com/uploads/account/logo/35812/ 74 KB
74 KB 497ms
158ms Image
image/png 52.216.208.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-printavo-com.s3.amazonaws.com/uploads/account/logo/35812/thumb2x_mtp_printavo.png
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.208.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b130402e42a767a8222cc4180aa8a97026c6ed8c00d1694e6615b07c12604f46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 18:39:33 GMT
Last-Modified: Wed, 04 Jan 2023 16:57:19 GMT
Server: AmazonS3
x-amz-request-id: K14TNP7KSZ5J4WWY
ETag: "3b177937c298667cb18682341664f468"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Cache-Control: max-age=315576000
Accept-Ranges: bytes
Content-Length: 75803
x-amz-id-2: I5KwlBlQk5+lISVTl4suwHkJW8Mnjo9sF0/ZdPA1ITrTOdAfmfOzNxm1p22QDNhsSMh4gSxGAvk=

GET
H2 200 jquery.stickyheader-9feb22e19ab1e6a8e37ea325740b9e5747aa448186f4967faae4c8d487e420e6.js Show response
djqnomyzwkbyb.cloudfront.net/assets/ 2 KB
1 KB 32ms
32ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/jquery.stickyheader-9feb22e19ab1e6a8e37ea325740b9e5747aa448186f4967faae4c8d487e420e6.js

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

158aefaca1a2efa08d28d81bc8ca106261ec0888e8ede5db8d1d7ce9ec59c0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 12:37:16 GMT
access-control-request-method: GET,OPTIONS
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 108135
x-cache: Hit from cloudfront
x-iinfo: 8-47024538-47024539 NNNN CT(95 97 0) RT(1681907836503 13) q(0 0 2 0) r(3 3) U24
content-length: 669
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: bHzpb44m--ecXyvX6WN1wW7_SscHlUm7E297cBjz5gYNHJ3cv-kjkQ==

GET
H2 200 _Incapsula_Resource Show response
messenger-total-promotions.printavo.com/ 156 KB
22 KB 16ms
12ms Script
application/javascript 45.223.138.129
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://messenger-total-promotions.printavo.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=653151225
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.138.129 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: aa3b263e741568d813f4470ec5edc0a8ebc8bbba0fbae767f6b8042fb02abd53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 22349
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
88 KB 137ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60913bdca245f5b2cf1ead72e71516d4bf7a8d4b7c260bf2a84797994ad2acb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 18:39:31 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 101ms
34ms Script
application/x-javascript 2a03:2880:f028:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:100:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 18:39:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nnSX0CrLRMNJD/C+189B6KMbK8EtWj9l/G4OPTyf7aa0exTKAB9nNQvEJwooEJ8sR8w6y7x85/j4/t1bLg9TNg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1460883810
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 print-c3ec54237a2c3944c7bec0ec507768549d707cfd64cc1c4a53fe333197936ff9.css
djqnomyzwkbyb.cloudfront.net/assets/ 5 KB
2 KB 9ms
6ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/print-c3ec54237a2c3944c7bec0ec507768549d707cfd64cc1c4a53fe333197936ff9.css

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

c447c184e140182676eb110e477cc400d27b5e820142c336d40560ab67c8d0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-request-method: GET,OPTIONS
content-encoding: gzip
date: Tue, 21 Mar 2023 19:06:05 GMT
via: 1.1 vegur, 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 2590406
x-cache: Hit from cloudfront
x-iinfo: 10-100660641-100660642 SNNN RT(1676833466175 749) q(0 0 0 0) r(1 1) U24
content-length: 1563
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: Rba2Rc1mAibKE3xsdCPDUklH-jKW5qkn5-QVN5iRL-tr7wLYzeg01A==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 38ms
7ms Script
application/x-javascript 2a02:26f0:480:e::210:f108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=26391
accept-ranges: bytes
content-length: 4777

GET
H2 200 attribution.js Show response
scripts.attributionapp.com/ 188 KB
49 KB 57ms
9ms Script
text/javascript 2600:9000:2156:2600:1b:e643:4ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.attributionapp.com/attribution.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2600:1b:e643:4ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 106fb417f17d07a860ebd1466dd44c0f30c754560e24e4f85ce5b4b560fd6bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 05:56:35 GMT
content-encoding: gzip
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-version-id: ZeuoZABLXVpr8PnsTPjGL9Jnw7w2rJDZ
last-modified: Tue, 11 Jan 2022 14:13:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 823377
etag: W/"474a32856b401757baa407bb96ebb13f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=315360000, no-transform, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Z5XWSR6oO1x7G4iik13qtKJTRBRnNptLZAeLKfQ7Oy5LraiEs5ppaw==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 45ms
7ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 fa-solid-900-addc97d14257b43232b89194f73bd3b862007d5eedcb4569362b8f26356d8db3.woff2
djqnomyzwkbyb.cloudfront.net/assets/fontawesome/ 151 KB
151 KB 23ms
8ms Font
application/font-woff2 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/fontawesome/fa-solid-900-addc97d14257b43232b89194f73bd3b862007d5eedcb4569362b8f26356d8db3.woff2

Requested by

Host: djqnomyzwkbyb.cloudfront.net
URL: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css
Origin: https://messenger-total-promotions.printavo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 14:12:58 GMT
access-control-request-method: GET,OPTIONS
via: 1.1 vegur, 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 1398393
x-cache: Hit from cloudfront
x-iinfo: 6-15389478-15389479 NNNN CT(101 103 0) RT(1680617577607 6) q(0 0 2 0) r(3 3) U24
content-length: 154228
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: RgXnHN89-FP9NdZevr1Gwj7h1gcc9z7t79sK5JoGNKnUoEnklf00Kw==

GET
H2 200 proximanova-semibold-webfont-9a4ed2813ee0bd5a1297ff8ae1612a3ea3a2c459e42a025401d8ad272479e401.woff
djqnomyzwkbyb.cloudfront.net/assets/ 26 KB
27 KB 31ms
17ms Font
application/font-woff 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/proximanova-semibold-webfont-9a4ed2813ee0bd5a1297ff8ae1612a3ea3a2c459e42a025401d8ad272479e401.woff

Requested by

Host: djqnomyzwkbyb.cloudfront.net
URL: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

f0e433ef9294d650099f75a6e4242f24fdcc35676c33385f5f90e1191e8ed867

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css
Origin: https://messenger-total-promotions.printavo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:46:24 GMT
access-control-request-method: GET,OPTIONS
via: 1.1 vegur, 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 1849987
x-cache: Hit from cloudfront
x-iinfo: 13-114018525-114018526 NNYN CT(100 104 0) RT(1680165984259 4) q(0 0 2 1) r(3 3) U24
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: s-3Gnmv_MviXJEoNdy3pWLAYoOgyFD1vxBdSCqLkYc7RQH5YwQi0CA==

GET
H2 200 proximanova-regular-webfont-df89bdafb6f8af51a056edcefbe96f5fc78d62e9a20584becf4de57321913ca2.woff
djqnomyzwkbyb.cloudfront.net/assets/ 26 KB
26 KB 37ms
22ms Font
application/font-woff 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/proximanova-regular-webfont-df89bdafb6f8af51a056edcefbe96f5fc78d62e9a20584becf4de57321913ca2.woff

Requested by

Host: djqnomyzwkbyb.cloudfront.net
URL: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

d650b6646e20f2ef630fff14b99747f291272c58548f85735dcb6e73f7795805

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css
Origin: https://messenger-total-promotions.printavo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 19:24:02 GMT
access-control-request-method: GET,OPTIONS
via: 1.1 vegur, 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 342928
x-cache: Hit from cloudfront
x-iinfo: 8-74221742-74221744 SNYN RT(1681673042113 848) q(0 0 0 1) r(1 1) U24
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: TT4LsO2WomDdv5BpNJW19tf8TIWbkmnCQfFzwqtyd48B2vCOPARFqw==

GET
H2 200 proximanova-bold-webfont-1fd70bff8b70b84d03202b3562df27c9e65594a6405532dd4bc35913dfb7b7dd.woff
djqnomyzwkbyb.cloudfront.net/assets/ 26 KB
27 KB 35ms
20ms Font
application/font-woff 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/proximanova-bold-webfont-1fd70bff8b70b84d03202b3562df27c9e65594a6405532dd4bc35913dfb7b7dd.woff

Requested by

Host: djqnomyzwkbyb.cloudfront.net
URL: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

bf893e61dc50b0a5a986583b0acc4e152ca7f323f073da0c4dcdfdd6f18d0e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css
Origin: https://messenger-total-promotions.printavo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 08:22:14 GMT
access-control-request-method: GET,OPTIONS
via: 1.1 vegur, 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 1505837
x-cache: Hit from cloudfront
x-iinfo: 5-1689196-1689197 NNYN CT(93 96 0) RT(1680510133766 5) q(0 0 2 0) r(3 3) U24
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: WR3hiq36ecKsiUWDR3dtif26GrkHDPAp7F9U1P6xI92LiogEvkoCXQ==

GET
H2 200 proximanova-light-webfont-7c8824f359015004be4ea3639392ffe507dd2e0186ad052ce1958f5c7e244806.woff
djqnomyzwkbyb.cloudfront.net/assets/ 26 KB
26 KB 33ms
23ms Font
application/font-woff 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djqnomyzwkbyb.cloudfront.net/assets/proximanova-light-webfont-7c8824f359015004be4ea3639392ffe507dd2e0186ad052ce1958f5c7e244806.woff

Requested by

Host: djqnomyzwkbyb.cloudfront.net
URL: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-55.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

e0dbd0f8fde064bd18a9a56f6b820648caa7f69cecade96c618e2ced86efb4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://djqnomyzwkbyb.cloudfront.net/assets/application-18b05c47e3f9f6e87d3cfa966628628ff0acca74c642587b60deaa11cd48a8c2.css
Origin: https://messenger-total-promotions.printavo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 17:20:10 GMT
access-control-request-method: GET,OPTIONS
via: 1.1 vegur, 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-cdn: Imperva
x-amz-cf-pop: FRA60-P1
age: 1387160
x-cache: Hit from cloudfront
x-iinfo: 14-11916690-11916692 SNYN RT(1680628809564 1508) q(0 0 0 0) r(1 1) U24
last-modified: Sun, 19 Feb 2023 18:42:22 GMT
server: Cowboy
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-id: puCBABr28L-1kvgkC_EJ20OOluvcV06C1S7PSNUVQMZMMV6v_kxxGA==

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 717E 200 B
1 KB 10ms
9ms Document
text/html 13.35.252.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.252.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-252-40.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://messenger-total-promotions.printavo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3545
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 17:40:27 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 06 Apr 2023 20:02:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-id: McPbcCcIwvFizFQDir33Jm2FIK3iibnfLv91Ls0T3Ur_7lYNusBIjQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 _Incapsula_Resource
messenger-total-promotions.printavo.com/ 1 B
35 B 7ms
6ms Image
text/plain 45.223.138.129
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messenger-total-promotions.printavo.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5462909211433318
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.138.129 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 717E 0
716 B 545ms
174ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015972236739
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682015972235235
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 717E 0
716 B 552ms
181ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015972236261
x-envoy-upstream-service-time: 10
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 7
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682015972235342
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 717E 631 B
1 KB 11ms
11ms Script
text/javascript 13.35.252.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.252.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-252-40.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 20 Apr 2023 18:28:23 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 668
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 06 Apr 2023 20:02:21 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PkRFVhesQddg7yiMQheajVyH3uvzqMZzJuvXAqKBPuV8u6SmBojiVw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/83282/domain/messenger-total-promotions.printavo.com/ 36 B
368 B 176ms
155ms XHR
application/json 2600:9000:20eb:1200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/83282/domain/messenger-total-promotions.printavo.com/token
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://messenger-total-promotions.printavo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
content-encoding: gzip
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: iRM2TNcnOMBJmvQY-2rnf_hOHKwBlLTaObMbb0uuVcqSR4gSm6ESPg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D83282%26time%3D1682015971786%26url%3Dhttps%253A%252F%252Fmessenger-total-promotio...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&liSync=true&e_ipv...

0
264 B

137ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&liSync=true&e_ipv6=AQL471bHw5Np9QAAAYef9usdzcC3MioMrNbvsxN1gpozObiJKwDNFuLD7tuAaJisxAUNqI2y
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0F0EE6D55A4843369907330F19C70595 Ref B: FRAEDGE2018 Ref C: 2023-04-20T18:39:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5yNyIPD2ttHEgBfsitA==

Redirect headers

date: Thu, 20 Apr 2023 18:39:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2C753AE5A17A42FC84CDE5A4EA405A89 Ref B: FRAEDGE1806 Ref C: 2023-04-20T18:39:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=83282&time=1682015971786&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&liSync=true&e_ipv6=AQL471bHw5Np9QAAAYef9usdzcC3MioMrNbvsxN1gpozObiJKwDNFuLD7tuAaJisxAUNqI2y
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5yNyGECFSPKMk7+3eRw==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 320ms
98ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1682015971789&id=t2_4ytlz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=85bf8a1e-baa5-47b9-88ea-41fb8dd4d1ce&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H/1.1 200
OK p Show response
track.attributionapp.com/ 0
345 B 361ms
113ms XHR
application/json 75.101.184.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://track.attributionapp.com/p

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.101.184.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-75-101-184-39.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://messenger-total-promotions.printavo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Apr 2023 18:39:31 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Server: Cowboy
Access-Control-Allow-Methods: OPTIONS, GET, POST, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Content-Type
Content-Length: 0

GET
H2 200 273121863102586 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 34ms
33ms Script
application/x-javascript 2a03:2880:f028:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/273121863102586?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:100:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c009255af164a905ca9dde0ba14f6b96e703e06661f61d11919fe7e8787c2fbd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 18:39:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110562
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: n/oh92/ZPOfSCgnUoIvRjKThGZKbA7caHg+G9NycJL0OFq/0ql2hfSdsPfC2Q2XKB8uOsXqbcnLrs63dn1q7TQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1460883810
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A369 930 B
2 KB 59ms
9ms Document
text/html 2600:9000:205e:d800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:205e:d800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 167
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 18:36:46 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: -2O3FoX4RJh2PyC_TXVewSX8bZsJkSBiDLwibH1qtpFseYMHMQXIjw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
14ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 16:43:52 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6940
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 18:43:52 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1009087944/ 3 KB
2 KB 181ms
77ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009087944/?random=1682015971904&cv=11&fst=1682015971904&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&hn=www.googleadservices.com&frm=0&tiba=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&auid=520391086.1682015972&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa5f2fc15c5f31342b3aeec29783d92f68d47c0f717b4ff3cea931eedfbd68c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 133ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 20 Apr 2023 18:39:31 GMT
last-modified: Thu, 13 Apr 2023 18:46:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8988376E3C9841C3ACCAAD5B5CC6BBD9 Ref B: FRAEDGE1418 Ref C: 2023-04-20T18:39:32Z
etag: "8013f653386ed91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12030

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
750 B 110ms
9ms Script
application/javascript 2a02:26f0:3500:88f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 484

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10994280158/ 3 KB
1 KB 182ms
82ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10994280158/?random=1682015971912&cv=11&fst=1682015971912&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&hn=www.googleadservices.com&frm=0&tiba=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&auid=520391086.1682015972&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adcce0f075b1074ce8dcf75cc2f2942e4e1a99c4f5f0bc7941850dc1d1dbeef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:480:e::210:f108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=26391
accept-ranges: bytes
content-length: 4777

GET
H2 200 3717916.js Show response
js.hs-scripts.com/ 1 KB
898 B 230ms
133ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3717916.js?businessUnitId=590319
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a9dcdd1193c2809eb08fd8579baa88c8f496ba83af0483505eae725c7837b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 20 Apr 2023 16:32:53 GMT
server: cloudflare
x-hubspot-correlation-id: 40665a23-cc48-43aa-b4f4-ca0b80ca4ef4
x-trace: 2BD8395E5DC506ADA92EEF8C4E77E9C485074E7D2C000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://messenger-total-promotions.printavo.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7baf82b108233626-FRA
expires: Thu, 20 Apr 2023 18:40:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
83 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8JBZWM5CLD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXVPTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6beced9c685b836493c878b62c5e8114dd9cc140c3b26fc3a6717b26d4f7dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 18:39:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=273121863102586&ev=PageView&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&rl=&if=false&ts=1682015972030&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682015972029.1274266351&it=1682015971834&coo=false&rqm=GET

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 18:39:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JBZWM5CLD&gtm=45je34c0&_p=744320527&cid=85788902.1682015972&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682015972&sct=1&seg=0&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&dt=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JBZWM5CLD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://messenger-total-promotions.printavo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame A369 0
490 B 262ms
173ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015972236027
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1682015972235587
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 main.da2a1c8f.js Show response
s.pinimg.com/ct/lib/ 57 KB
17 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:88f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17556

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
225 B 17ms
17ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=744320527&t=pageview&_s=1&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&ul=en-us&de=UTF-8&dt=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1440552034&gjid=381325079&cid=85788902.1682015972&tid=UA-21299846-1&_gid=1181487738.1682015972&_r=1&_slc=1&gtm=45He34c0n71KXVPTR&z=1504761803

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://messenger-total-promotions.printavo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://messenger-total-promotions.printavo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame A369 86 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:205e:d800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:205e:d800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 18:36:52 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 161
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: jl_IIEiX-Q5DbCiaojrHNakCQ3Y00v2nj6NalAcJXvZC-OG_H533UQ==

GET
H2 204 25039303.js Show response
bat.bing.com/p/action/ 0
135 B 104ms
103ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25039303.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 20 Apr 2023 18:39:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 44C6D559E9FE42B5B06A04D1A440A160 Ref B: FRAEDGE1418 Ref C: 2023-04-20T18:39:32Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25039303&tm=gtm002&Ver=2&mid=ef9bf536-3ebe-4b61-be40-9516e0e9236e&sid=b0bb2eb0dfaa11edacaad55fc528a3e5&vid=b0bb1d50dfaa11edad35230296b4b559&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&p=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&r=&lt=1440&evt=pageLoad&sv=1&rn=802902

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 18:39:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9C8FE7AD4EA4B079BF0A5561ACA146F Ref B: FRAEDGE1418 Ref C: 2023-04-20T18:39:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
871 B 97ms
46ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613702695767&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1682015972087&dep=2%2CPAGE_LOAD

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d7d5ce17.1682015972.7bce7941
x-envoy-upstream-service-time: 4
content-length: 375
x-pinterest-rid: 7294375210602104
pin-unauth: dWlkPVptVmpaalV3WkRFdE1HWmlOUzAwWlRsa0xUZzJZalF0TURCbE1USTRPR1EyTkdFMw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://messenger-total-promotions.printavo.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
332 B 87ms
35ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613702695767&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1682015972088

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d7d5ce17.1682015972.7bce7942
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1222689191230602
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1009087944/ 42 B
455 B 136ms
51ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1009087944/?random=1682015971904&cv=11&fst=1682013600000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&frm=0&tiba=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&fmt=3&is_vtc=1&random=719139251&rmt_tld=0&ipr=y

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1009087944/ 42 B
455 B 133ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1009087944/?random=1682015971904&cv=11&fst=1682013600000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&frm=0&tiba=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&fmt=3&is_vtc=1&random=719139251&rmt_tld=1&ipr=y

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
365 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-21299846-1&cid=85788902.1682015972&jid=1440552034&gjid=381325079&_gid=1181487738.1682015972&_u=YADAAEAAAAAAACAAI~&z=1273742865

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://messenger-total-promotions.printavo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Apr 2023 18:39:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://messenger-total-promotions.printavo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame A369 156 B
670 B 543ms
181ms XHR
application/json 54.187.99.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.99.131 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-99-131.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c7ef60a7c92628de9dc765d3bd637b2af7eb498c06b2b96ad2d8cce0c62d7e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 20 Apr 2023 18:39:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015972610674
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682015972609555
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 /
www.google.com/pagead/1p-user-list/10994280158/ 42 B
108 B 55ms
52ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10994280158/?random=1682015971912&cv=11&fst=1682013600000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&frm=0&tiba=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&fmt=3&is_vtc=1&random=2896537483&rmt_tld=0&ipr=y

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10994280158/ 42 B
108 B 53ms
51ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10994280158/?random=1682015971912&cv=11&fst=1682013600000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&frm=0&tiba=Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions&fmt=3&is_vtc=1&random=2896537483&rmt_tld=1&ipr=y

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/3717916/ 208 KB
64 KB 414ms
395ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/3717916/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3717916.js?businessUnitId=590319
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87c02bd76ce8bd3fdc81c4d8846e55a547c7067a561a1ca61230dd0b7b0da90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-version-id: SJR9AJVy.oCsoaCKvp3DO8R.5VFEc5Tp
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: R4YWN3WBK62S2QKY
x-amz-server-side-encryption: AES256
x-amz-id-2: +PF09yqpLIG75DGObP1V+ORfwCnaGtfykO54n3hIdU2aC8I2H/QUR72n7iqyhBawI5rS217rDyk=
last-modified: Mon, 17 Apr 2023 15:14:24 GMT
server: cloudflare
etag: W/"9c828d39163c857143b7601fcd7af6b2"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://b-e-sportswear.printavo.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7baf82b22f662ba6-FRA
expires: Thu, 20 Apr 2023 18:44:32 GMT

GET
H2 200 3717916.js Show response
js.hs-analytics.net/analytics/1682015700000/ 65 KB
21 KB 37ms
19ms Script
text/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1682015700000/3717916.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3717916.js?businessUnitId=590319
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c706ae06e08eebcf6d816d10a0a2484e5f708f9b3bea372c8a8064977a2999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8P04BJPY481XNRB9
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 212
x-envoy-upstream-service-time: 17
x-amz-id-2: VJIF+dPvZVvmPpJbvYol1HVxaznn+ZMMm4mNS940ZW+wnfq3qV7r5pixT8GyL+pl7+Ki1Hw5Xd0=
x-evy-trace-listener: listener_https
x-request-id: 21022b8a-243b-4df0-80ea-042ba570f632
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 13:58:56 GMT
server: cloudflare
etag: W/"c73a30559249d71614f6612653465204"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6cf99cf576-rcwr9
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7baf82b22b3530d8-FRA
expires: Thu, 20 Apr 2023 18:41:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 32ms
13ms Script
application/javascript 2606:4700::6810:76be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3717916.js?businessUnitId=590319
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:76be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-version-id: .SjrrXgKPXt.4Z9u7JrAeq5b0ko7RK6Q
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 444
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.360/bundles/pixels-release.js&cfRay=7baf77d9fa6b2c72-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Apr 2023 03:30:21 UTC
server: cloudflare
etag: W/"1ecc18fb1c2090998fc7361c029fa6a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7baf82b239de2c55-FRA
x-amz-cf-id: UcWoZyC8mNbzaTfD0L6420Lz5tMiHRPU9nLbLPTcGjnZL6-TGW8Q3w==
x-hs-target-asset: adsscriptloaderstatic/static-1.360/bundles/pixels-release.js

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 76ms
76ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21299846-1&cid=85788902.1682015972&jid=1440552034&_u=YADAAEAAAAAAACAAI~&z=509140614

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 78ms
78ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21299846-1&cid=85788902.1682015972&jid=1440552034&_u=YADAAEAAAAAAACAAI~&z=509140614

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 18:39:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=273121863102586&ev=Microdata&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&rl=&if=false&ts=1682015972532&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww-printavo-com.s3.amazonaws.com%2Fuploads%2Faccount%2Flogo%2F35812%2Fthumb2x_mtp_printavo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682015972029.1274266351&it=1682015971834&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 18:39:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 247 B
943 B 181ms
143ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=3717916

Requested by

Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce5664c31aa4a979de7fb20a1f6f7f80450a33bfa8c6f3e325d337c406b5d917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f92306f6-fa9e-4885-b47c-e20538bebed2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BB01CE7E70EBF57117D599D3247B9C1BC9C91D135000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://messenger-total-promotions.printavo.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mumG1nWHo0zUYJQ9VDBkkg%2F%2ByWC6ZFYG6aypZtOjSbq5SMsGEf%2FlkQSaeu7QM7aN8VIfMtraplD2uTZy8ifB%2F8HMfzGzphtZVVX%2BinnE8BZujD9PTuGXzAoO32vBhOGwC6HnbSVn5Cqitm6Q"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7baf82b50f793a49-FRA
access-control-allow-headers: *

GET
H2 200 async-api.6c072bf7-1.230.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 30ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rWoTEmf9ai1ouwS3ToIE043y.yHgDQor
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: S6ZZEGSH66PZJTJ0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1210
x-amz-id-2: tcA2PbGQucOW8g9KIrmCGl/1CFfM1r4WfmgqvxwraGjl6hA63Fvc7K58JbDEvWP9X9GatZ6eK28=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.628668,VS0,VE0
etag: "a21c5f6b7cdfc3dedc83c2262a56d7cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3205

GET
H2 200 lazy-loader.ff971c03-1.230.0.min.js Show response
js-agent.newrelic.com/ 928 B
896 B 29ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.ff971c03-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: moNPj5M8w_3ogm1Lwe_Y7qB7rdPjSB51
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: S6ZWEN9JJS81AKSS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: LeIQAUV4OikOtQuLFE81Y0aT0eiooDQwWDkBSF5B6O2nLzpxyOkyWoJISxGNF1SILfHssqBJDeY=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.628706,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2183

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 9BEE 565 B
590 B 200ms
199ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://messenger-total-promotions.printavo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.d7d5ce17.1682015972.7bce813c
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 18:39:32 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1536993338937586

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
903 B 179ms
155ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=3717916&pu=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&t=Printavo+-+%2320078+-+Messenger+Total+Promotions&cts=1682015972632&vi=d1e96d1992db9bd3799248f729fbbfb1&nc=true&u=49715641.d1e96d1992db9bd3799248f729fbbfb1.1682015972626.1682015972626.1682015972626.1&b=49715641.1.1682015972626&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6fbd48d9-30a7-4cc1-a45f-18812145fa68
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8%2F%2FdJfUo2AF71NEgl8CVZuL0Ih9ohIVr%2FE%2BxAbULd8WbIH%2FXIUtEX4cyJlRq7SMIc%2FXi9SZw8Z9UIQILkeHxdld9j1ZYQXLIiBcnUCQwO5TNPu390mITSp3vFGXN34nuJtLmWeOk4h95ToP%2Bwpm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7baf82b518e0046a-FRA
x-robots-tag: none

GET
H2 200 862.9f44b58b-1.230.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 10ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.9f44b58b-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: xRkMl8fpKmpkb8xSPDFwInKFtxpiLeiU
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: S6ZT8EV5YQFHRS5H
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3583
x-amz-id-2: iDlsgIwRvyfxW3KQklcwOrF8Q7znnZ8jdqKi3vXARUenA+P8m2PzI+cBE4lfDGwerE8FpQFkmu8=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.653025,VS0,VE0
etag: "c4e5d826698f6566f247167a7565c832"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 226

GET
H2 200 page_view_event-aggregate.75812140-1.230.0.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 10ms
10ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.75812140-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 7bfBjgjP9vhwGKyYNbxNdw69c7w6yepO
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: S6ZG5N2614XD9CQW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3954
x-amz-id-2: tpxZbzpmOMn+zDJmnt9D2arK+8g5F3gF/2DWMF7l39Z7M05LZPshd+Qi3KvKZIHCCPACWmdLy0g=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.652960,VS0,VE0
etag: "a4978f5fb64e86334a1dbb282220c851"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2003

GET
H2 200 page_view_timing-aggregate.9590bdab-1.230.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 10ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.9590bdab-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Fq.2FKw4tsY9sm_ft7J67YTmHBEmGUpk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: S6ZND1TXYFP6TN8H
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4624
x-amz-id-2: wTpRVrMZS0UA8wvWSZOfk+GICTeAEkVktgqJNPEiXOT/BPAR6Seg/5+8oKC6O64twK9Khl/Xu0Q=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.652957,VS0,VE0
etag: "2357140ba2b3c410d01d12937c6269d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1390

GET
H2 200 metrics-aggregate.20a08804-1.230.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 11ms
10ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.20a08804-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ue3teI4xiVp879tlCKhGPbDuwtTRksP9
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: 343R0RQ4VVQ4SJ4G
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1593
x-amz-id-2: leTtfvpG//3qrGTZTG8bYIJYfT3dOOkkRKye/lDwGlvu5xS9xlvGyttjan2egVfTdd/+9e4ZrTo=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.653323,VS0,VE0
etag: "2b4287467d6e1c411110556d75fe617a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10168

GET
H2 200 jserrors-aggregate.9136a849-1.230.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 10ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/jserrors-aggregate.9136a849-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: v5HVEhCBGcej47AYKf5XScCvsKds85Ry
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: A3BDT0MKJJAFP7HE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2699
x-amz-id-2: v44KUfkV5STHP5dHB+8m+YS6DyiPNR5GXfgPP8+2frAyqNYCFRFSlf4MGs2TgJxOMBRhTlRgFjw=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.656109,VS0,VE0
etag: "105c0b07033e97d2ad5192f22cd2b7be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2364

GET
H2 200 ajax-aggregate.bcd562bf-1.230.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/ajax-aggregate.bcd562bf-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: RGeelkGAT7YETe4MVmUoI6TYFjMgjsll
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: 0FP1WBT54N9YJ9N4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2158
x-amz-id-2: dltQ/iybVCRQCoCLIhQurQq2/Dgsh+p7OMUNzxZQgzLBaBl1rT/fld368UWjJPgQPq7S3RtoU0Q=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.656109,VS0,VE0
etag: "9a50be0680ff4e93b2870bc5fa243b5e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1123

GET
H2 200 session_trace-aggregate.6e2218bf-1.230.0.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/session_trace-aggregate.6e2218bf-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: wKHTxgUg_rL30Au_du4y9trU9sbfu0Pz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: S6ZPCX9AS8Q5R4SJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3156
x-amz-id-2: Cd5L5YUnDxbUng3UDV5a81vLhJxULtIKNxfTA8bSYM1B6snaT7tPI0MJAOAaGf558ALaqZItzUQ=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.656257,VS0,VE0
etag: "309bc51447ad3ded6e5673698a4b93ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1124

GET
H2 200 page_action-aggregate.4d79b951-1.230.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 10ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_action-aggregate.4d79b951-1.230.0.min.js
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 8oQqhsOKIgpIXbVO2KdHKF_AsgqpQxSV
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Apr 2023 18:39:32 GMT
x-amz-request-id: 0FPAW5CKXG5GDVTV
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 983
x-amz-id-2: 1XONu7C1MHDG6P2AP07FiduU1C2ggqpxkH3pnCllEVD+Tb67fJ8m6bge94+r+YBBgOgTL0+4gpg=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682015973.656299,VS0,VE0
etag: "127fe6773a93cca9c6fdbb5ff34d7655"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1127

GET
H/1.1 200
OK 3f81343aed Show response
bam.nr-data.net/1/ 49 B
397 B 261ms
211ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/3f81343aed?a=832433&v=1.230.0&to=IQkITRdbCFtXFB9cFgYDFEpKRBFVXg9TbA0MEAlQBlE%3D&rst=2383&ck=0&s=cefe08929dec6b69&ref=https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969&qt=3&ap=129&be=988&fe=1358&dc=452&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1682015970288,%22n%22:0,%22r%22:0,%22re%22:542,%22f%22:542,%22dn%22:542,%22dne%22:542,%22c%22:542,%22ce%22:542,%22rq%22:542,%22rp%22:988,%22rpe%22:1088,%22dl%22:990,%22di%22:1389,%22ds%22:1389,%22de%22:1440,%22dc%22:2318,%22l%22:2318,%22le%22:2346%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1386&fcp=1456&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230034-FRA

GET
H3 200 1625920957735370 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f028:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1625920957735370?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f028:100:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8c67433b6b98cffaa4f590ae3d0a27dbc383fef6ece24af3b2e02b3f12ae80a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 18:39:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110466
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: q8Yd4DJhwYzpOQBbd8vZIZWbgzJJ2SI90p3GrAMqBTrQgALG2zp4ufucj//U2FgV0bO9C41vPeMJWpeSNstiog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:480:e::210:f108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=26390
accept-ranges: bytes
content-length: 4777

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/83282,96799/domain/messenger-total-promotions.printavo.com/ 36 B
366 B 153ms
152ms XHR
application/json 2600:9000:20eb:1200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/83282,96799/domain/messenger-total-promotions.printavo.com/token
Requested by: Host: messenger-total-promotions.printavo.com
URL: https://messenger-total-promotions.printavo.com/invoice/cc72ce0953900719f5a3a16b86a63969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://messenger-total-promotions.printavo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:39:32 GMT
content-encoding: gzip
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: bdfgaXlh-O6zAVskbVdQ84AH241vs6Bhana0UnE5k9OpK2Uhk0ImGA==

GET
H3 200 1896565227207747 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 37ms
37ms Script
application/x-javascript 2a03:2880:f028:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1896565227207747?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f028:100:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2252aa5220dd361e5ff03ccba37bad4b5d6574749272d2a0a17a4920d375f83

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 18:39:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110264
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 31cirEy6pTG5zuOENx/2qNl2dawxdjZFg3BAi0sxwMh54miyy/UtgA6A62YgoIBcb/0O48LAnJBSWBFsdNontw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1625920957735370&ev=PageView&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&rl=&if=false&ts=1682015972947&sw=1600&sh=1200&ud[external_id]=d1e96d1992db9bd3799248f729fbbfb1&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682015972029.1274266351&it=1682015971834&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 18:39:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1896565227207747&ev=PageView&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&rl=&if=false&ts=1682015972948&sw=1600&sh=1200&ud[external_id]=d1e96d1992db9bd3799248f729fbbfb1&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682015972029.1274266351&it=1682015971834&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 18:39:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 22ms
12ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1625920957735370&ev=Microdata&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&rl=&if=false&ts=1682015973452&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww-printavo-com.s3.amazonaws.com%2Fuploads%2Faccount%2Flogo%2F35812%2Fthumb2x_mtp_printavo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=d1e96d1992db9bd3799248f729fbbfb1&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682015972029.1274266351&it=1682015971834&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 18:39:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 13ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1896565227207747&ev=Microdata&dl=https%3A%2F%2Fmessenger-total-promotions.printavo.com%2Finvoice%2Fcc72ce0953900719f5a3a16b86a63969&rl=&if=false&ts=1682015973472&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Printavo%20-%20%2320078%20-%20Messenger%20Total%20Promotions%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww-printavo-com.s3.amazonaws.com%2Fuploads%2Faccount%2Flogo%2F35812%2Fthumb2x_mtp_printavo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=d1e96d1992db9bd3799248f729fbbfb1&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682015972029.1274266351&it=1682015971834&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://messenger-total-promotions.printavo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 18:39:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
messenger-total-promotions.printavo.com/	1970-01-20 11:56:47	Name: auth_customer_id Value: eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2ODQ2MDc5NzAsImlzcyI6NjYwMzYzNywidmVyIjoiY3VzdG9tZXItYXV0aC12MSIsImVtYWlsIjpudWxsLCJvcmRlcl9pZCI6MTE1NDI3MjR9.IvoIX0yYkqFMVAb8Ia9nLeA-Dt_dStleqCuIaoiRREM1L_-ISAxsAEaz8pJ0VObbA5vdnJJBtNVdTykoxnNkcUOpfQvxLME7V_Stpem3_YR64r6fVuwjV7b5SlElpD18ardj4yDBkv4TY9Ug2EgtL-SpmMxdCLoidYQSOaZ_utQ9FyrglBjtIq65iI_EIydS0ynFDFbIvbeIWIS2xDCVepjT_moYvUdHvjtvDQJ_PcpK9R8V9DwpiWT5yycFrOHsfGNXbmvzNImNQtFcx3aSi4fzK2vpFWD-erAvtY_hX5S3ifnwQ83De4ydr_xhnAi-XEtmzrrLnhRKDATfOKny1Q
.printavo.com/	1969-12-31 23:59:59	Name: _printavo_session_v2 Value: c376ed164cb6872a491a761211a1e6f8
.printavo.com/	1970-01-20 19:58:01	Name: visid_incap_2873265 Value: GROgZ8eKSRSWxpyTbA60DeKGQWQAAAAAQUIPAAAAAAAktSM41i+XBVpyo1CyA9NG
.printavo.com/	1969-12-31 23:59:59	Name: incap_ses_1368_2873265 Value: +6l+c1wo0HE2o3ROYR38EuKGQWQAAAAAEMLCg6y+No0GbJK80cX3aA==
messenger-total-promotions.printavo.com/	1970-01-20 11:13:35	Name: ___utmvc Value: SZxnHeY2Ao355sjrev5zIkR/d3s0S6owOEqUGrx4tfA3L0m8KbiHY5D3oZcNJe6YATsvRX5ozrMihkLm1aPblf4LGuP22X+eXyMPOon8UHZOcsYESJxqDRJCoTD1hsjhs9hOEi2pbSS97g7vllmJnzqL/baZ/wWfpOfrwlCHeptPvtWdaZvN0GktCwEnXrqWjtQ2wns4xPI7VhdaOqxZZzAasPEvNiZSCDwEyk2hoPrcCTfqSgnPicEmlnz7NowcreoRtTjSXRz4ZB3/xEG/3+YrAyA4bxAo3tGBWRotLs8YSJyETCLcE7KytFpNUzxIAC4v9EUzBouwjrFr98fBqfIJU+1ICHeuI/aW7r1zD3EmJ7DkMpZTZiRb3w9ywxkDbPKVEUr1yVwQVij1+k4x34VeHhHWGpBHcGXmTdHn9Whduc+TZOZwbEk7iSCVvJ8pD1mFJTrSPsMJ8aeusqOKdJCp66RGF2VMMJrKT2QIUzTybAYzlSl9mabsUm/B0MVTW5IFPBeKwRrxSx7DOvEuR0D1BKDf/Zkx1CE39DP31Mv+1tnUrWGRfhwuapN/lF/+oJy+2W1hIXwGb1Oe/Qe9ppOVPwwWRxqD8FW7OfG5wsDiKi0Zxc0znLUXhmAwdBASR/MPDuTrf7bLjIeGAtmm95Nk3MX7zL9E6LBLz4rYnJoSdmGUL5yrL/QoMC2XbOClgAIYksHiUvmzMfLqw3czJW5OvLGO1OQJ1Z6w8H7ppIWt0FBu4KT9jSnEsoWjuTOV1KWOG8idFTGZAOMW5YfPP5IITK89s0yG4yX4JIHVZ8icUqzLbwOouSzMCusrSYtW1v82S6In2ysVaew8oHxepwDGeGKsPcrpzCoH5t5CZhto2Yj1ZxTy7GmuqqHKojdIoub0ZqpmUCMigx1BlBZ6tzB7L25ByRe5hjcT18142jFKaLTu1HscFzupElO4ZkJcurvijAmeXAsAJA76hqhAaJI0gjoXM5IbqW+KFsymjSFZtUwnX+zYZ6QNpBVEfxstb6qWhL4Ux71cpkRvXX/x5yGbA38q487ptCPdxiJlCv/GF/e8f89PhfjH1d2U22bq9Ita8pYJDRnvxQuEy1kQvPeUefY87txdRPmKJaiwu+9/erjd36tquG0m2C2E765dZtIurGwPCjPsmsahAjfJW3g9zLgGUioAWIfAH2NGVvbkMpCeJBJZwInd4/eeEpxoVP1/s9/RVU7ZeJ+yhO5gMmt2Y+JT2Z2/9VYcmhc0qIAJboy7nStsVEKnh/MF1NlC0Pi0E/GLD3n8HDtVbuNrbYKxcGenUfhQJWK1+rRLrCvPfYDKdOfWX69wmii68O/nkxvvRhwzhRtGGLn/zc10VIoRBic3APSagan8Jhyi9Gv2wOUxz6GkXBOIkYRUbDpA1MtLbGpUefixoAjOcpiev5PoyK6LqoJ6fhISgsj8+bvDM4AKb2sTi1TS7JU/rrWsSmk/CU+zdGLQzNbK43o/tcZApyVEZhGRnLpft19QGGJ3h9fUjreM43qUWT0M3vXQid6Ji8WRlTaYPEfv9snEwS4rdl+ApuN2Wk7hNRpzYngJv92nXd/Tlrs3FELX7zsvVWKXFURp8JBTUqBt1T35s1WZSFxmeGihvLkqNfjMqSkXbL/xYW+KFGqocB7nZd82j6EyoJxZelMmQzCiNy/CJJ92C4Y9UVNyo9Gr9pYBe0yA8VnA7HGNhrrpp9BlBLpylTjXwtDBAX8dedvj3T1Mnv2qDvhr8wajtzs6ywnef9i7aazRMTT4nX2La2R9SfWBRXlfJ+vCdyiF156wp+yMcAaR5lulK2qYjfW2AW9r5gQgguVmNP16mS5EnbZErIdFz/htcS1LjCw0JxjaZZFwRsZyF+45n2KUWh2E5x4+D5cxc+LwpTsoqCGjxUXdsfd9WQW2Hmgj9YKfyhvCt/Bqa3cKpZfR6N7cZtqg4W2rarIzfpBb0nRPEGfD4ef4U63bhn8FTzzEo8TQpRLTkjDijIzFyLIEbicD3kAoY72zdoojyhm/xGC+5n7/CrR5UQls6rTxahdLQNedyujEmc3Auyf8drDQmSwKpX2YaZmklhk400aiBuMHMM8o0t5vIol3w4123t74hUidsAVFWwq11h7ZcGFJ9iZNMNc/gQYKfuA6KFKuKDTwjP+pDnZ3sMDeFu7Y4rxr4SKHekeWBTJwbkV7+Z/YLEecqF+D62e0xbMa9YG3sDsdLASPCHsK0g7r0fG8aO3BEo1JQguJrt6n16arP7qoo5hRoNNtEiSXbO0ZfZS6FEENxv8B89VxkabAw4boE2GZrkIZ0B42a+xHvsB/+MgMb//0kh50b2/SWK48CFsbQBAcFGJ3xbD8gOC/oM8bwT8oWBZytI6Hmz1O/LlEPjsk+1grvMSQT8mZSDIKXqFkO3BEILDIXHrEDGn+Orfy1t8HLtA+ZP8jVf53bz8WUvoYpBS/ztVGZcifZD3bc6TmKix5DvAUbvFJNMG6KZtGVY9J/8jRrkITWYI0CuE6lF6JZWbK3mrqy9drckwGmk6lCl+G4DcLH8SJed754gToabxSkoWsOYCt5drx91lCNG20RRMQEdtIPC8Sx2BO3A9tnGWceKC6Ckr0NcJqXNAVMP4vZXQQThyGOSFTLs5TsVJqSxfil2bQPwf0eP4DHAggGJXZr6a7KCv5ZSI/LGRpZ2VzdD0xODI4NTUscz03MzcxYTI4NzliYWE4MDcwYTJhMTllODlhNjdmNjQ3Yjc2Njk4MzhiODhhYzc5ODM2OTg1ODI5YzY2YTk3NzkxNmFiMjlmNjg4NWFmNmY3NQ==
.printavo.com/	1970-01-20 13:23:11	Name: _rdt_uuid Value: 1682015971789.85bf8a1e-baa5-47b9-88ea-41fb8dd4d1ce
.printavo.com/	1970-01-20 19:59:11	Name: _attrb Value: %2221f319de-c69c-4d12-882c-d28b7e8a72bb%22
.printavo.com/	1970-01-20 13:23:11	Name: _gcl_au Value: 1.1.520391086.1682015972
.linkedin.com/	1970-01-20 11:56:47	Name: UserMatchHistory Value: AQJVvmGobiIipgAAAYef9uobneq8uacJ1Dpcoz0Ww1756etX5HSwY80T38GXkiNcJm5KovEOmFTivg
.linkedin.com/	1970-01-20 11:56:47	Name: AnalyticsSyncHistory Value: AQJIh-sc5c2RAAAAAYef9uobGv58zB0XpBSZQVhmyhsAvEXUqHutglE-RVxP28dJgRmXf_fzWzYJC9-7nJqSpA
.linkedin.com/	1970-01-20 19:59:11	Name: bcookie Value: "v=2&39772862-45bc-47c6-8d32-906a93b5578a"
.linkedin.com/	1970-01-20 11:15:02	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2650:u=1:x=1:i=1682015971:t=1682102371:v=2:sig=AQGyDU9fDKb_c4P-cYLJgaqH3Z7ardm-"
.printavo.com/	1970-01-20 13:23:11	Name: _fbp Value: fb.1.1682015972029.1274266351
.www.linkedin.com/	1970-01-20 19:59:11	Name: bscookie Value: "v=1&2023042018393167af871f-0961-43e9-80a8-f0cd8c5d8281AQGNMb5WbJ5iHA8W8eGFbDJPf8NfPuRe"
.linkedin.com/	1970-01-20 15:32:47	Name: li_gc Value: MTswOzE2ODIwMTU5NzE7MjswMjEH15EqFiAjqAI5lkziKZUScXW4KavpIL+lNC4BzI1SOg==
.printavo.com/	1970-01-20 20:49:35	Name: _ga_8JBZWM5CLD Value: GS1.1.1682015972.1.0.1682015972.0.0.0
.printavo.com/	1970-01-20 20:49:35	Name: _ga Value: GA1.2.85788902.1682015972
.printavo.com/	1970-01-20 11:15:02	Name: _gid Value: GA1.2.1181487738.1682015972
.printavo.com/	1970-01-20 11:13:36	Name: _gat_UA-21299846-1 Value: 1
.printavo.com/	1970-01-20 11:15:02	Name: _uetsid Value: b0bb2eb0dfaa11edacaad55fc528a3e5
.printavo.com/	1970-01-20 20:35:11	Name: _uetvid Value: b0bb1d50dfaa11edad35230296b4b559
.doubleclick.net/	1970-01-20 11:13:36	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-20 20:35:11	Name: MUID Value: 1A4BB88D1D57671537CAAA741C3C66D5
.messenger-total-promotions.printavo.com/	1970-01-20 19:59:11	Name: _pin_unauth Value: dWlkPVptVmpaalV3WkRFdE1HWmlOUzAwWlRsa0xUZzJZalF0TURCbE1USTRPR1EyTkdFMw
.printavo.com/	1970-01-20 15:32:47	Name: __hstc Value: 49715641.d1e96d1992db9bd3799248f729fbbfb1.1682015972626.1682015972626.1682015972626.1
.printavo.com/	1970-01-20 15:32:47	Name: hubspotutk Value: d1e96d1992db9bd3799248f729fbbfb1
.printavo.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.printavo.com/	1970-01-20 11:13:37	Name: __hssc Value: 49715641.1.1682015972626
m.stripe.com/	1970-01-20 20:49:35	Name: m Value: c2cfb519-833d-4fa5-b692-c512f7d9ae0bbdd13f
.messenger-total-promotions.printavo.com/	1970-01-20 19:59:11	Name: __stripe_mid Value: a1d864b8-f268-4ac4-a31f-20c0f46e17888738d5
.messenger-total-promotions.printavo.com/	1970-01-20 11:13:37	Name: __stripe_sid Value: 4121ce9f-4dff-4b44-a82c-e6991afbf5e46e9ea9
.hubspot.com/	1970-01-20 11:13:37	Name: __cf_bm Value: o_zUVh4jgGDRpHu5csx6Z_RUjVSR5_P9L2d8gyXxzxo-1682015972-0-AcxZ5KyQSUdTLLpqNUMzfxJDX+71GzP5UO05+TImQ679UfwujoZl9f6biZZrPv2PBjtV2Pf0fwZixKyItgJ0yZ8=
messenger-total-promotions.printavo.com/	1970-01-20 11:15:02	Name: ln_or Value: eyI4MzI4MiI6ImQiLCI4MzI4Miw5Njc5OSI6ImQifQ%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
api.hubapi.com
bam.nr-data.net
bat.bing.com
cdn.filestackcontent.com
cdn.linkedin.oribi.io
connect.facebook.net
ct.pinterest.com
djqnomyzwkbyb.cloudfront.net
googleads.g.doubleclick.net
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.stripe.com
m.stripe.com
m.stripe.network
messenger-total-promotions.printavo.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
region1.google-analytics.com
s.pinimg.com
scripts.attributionapp.com
snap.licdn.com
stats.g.doubleclick.net
track.attributionapp.com
track.hubspot.com
www-printavo-com.s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
13.107.42.14
13.32.118.55
13.35.252.40
151.101.130.133
151.101.193.140
151.101.194.137
162.247.243.29
2001:4860:4802:32::178
2001:4860:4802:34::36
23.206.208.183
2600:9000:205e:d800:19:7d10:bd80:93a1
2600:9000:20eb:1200:2:53b2:240:93a1
2600:9000:2156:2600:1b:e643:4ac0:93a1
2606:4700::6810:76be
2606:4700::6810:8cce
2606:4700::6811:cccc
2606:4700::6812:18c4
2606:4700::6812:853b
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c08::9d
2a02:26f0:3500:88f::1931
2a02:26f0:480:e::210:f108
2a03:2880:f028:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::396
45.223.138.129
52.216.208.225
54.187.159.182
54.187.99.131
75.101.184.39
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7
101f58547fbac086bb6abac881a5469bac87289b25a177e32eb61ea841def2d6
106fb417f17d07a860ebd1466dd44c0f30c754560e24e4f85ce5b4b560fd6bdc
158aefaca1a2efa08d28d81bc8ca106261ec0888e8ede5db8d1d7ce9ec59c0e8
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
23bba3e206a97faa6d5277f653e709e884f50aa46748ea0f5aca19f960bc2ab3
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
60913bdca245f5b2cf1ead72e71516d4bf7a8d4b7c260bf2a84797994ad2acb7
6813032b4bfc4718236b3315084e1ca7a7f3f3f8c43b0746f1eb3a39017ce560
6bd0f25f74142536db572062ff1ca9e9e244a02c45bf8a1218198553e95bea0e
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89de17780e3cc637b3d29634d595744af7466c3a2c1eb17ff4b86875f5ebde3b
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
a2252aa5220dd361e5ff03ccba37bad4b5d6574749272d2a0a17a4920d375f83
a2b05251d8b8c6398b5c64c9ba15d9cc917381474ae77d24aeb6242fc5ba7087
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa3b263e741568d813f4470ec5edc0a8ebc8bbba0fbae767f6b8042fb02abd53
aa5f2fc15c5f31342b3aeec29783d92f68d47c0f717b4ff3cea931eedfbd68c2
adcce0f075b1074ce8dcf75cc2f2942e4e1a99c4f5f0bc7941850dc1d1dbeef5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af084fe75051a69aac3d0d00c3f0592461593f126e75f9ba12174670d9d9d9fc
b130402e42a767a8222cc4180aa8a97026c6ed8c00d1694e6615b07c12604f46
b2a9dcdd1193c2809eb08fd8579baa88c8f496ba83af0483505eae725c7837b3
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
b8c67433b6b98cffaa4f590ae3d0a27dbc383fef6ece24af3b2e02b3f12ae80a
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bf348b6290f1401bdb762ac5b549d96180f8823cef2252c50230f19498cb6fe4
bf893e61dc50b0a5a986583b0acc4e152ca7f323f073da0c4dcdfdd6f18d0e85
c009255af164a905ca9dde0ba14f6b96e703e06661f61d11919fe7e8787c2fbd
c447c184e140182676eb110e477cc400d27b5e820142c336d40560ab67c8d0e5
c6beced9c685b836493c878b62c5e8114dd9cc140c3b26fc3a6717b26d4f7dcf
c7ef60a7c92628de9dc765d3bd637b2af7eb498c06b2b96ad2d8cce0c62d7e2a
c87c02bd76ce8bd3fdc81c4d8846e55a547c7067a561a1ca61230dd0b7b0da90
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
ce5664c31aa4a979de7fb20a1f6f7f80450a33bfa8c6f3e325d337c406b5d917
cfead84d58465d990974c187dacc5de27c5da8f27ee144a8c20ebc1de9c9ba8d
d650b6646e20f2ef630fff14b99747f291272c58548f85735dcb6e73f7795805
d6c706ae06e08eebcf6d816d10a0a2484e5f708f9b3bea372c8a8064977a2999
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
db1ef9fa5b036f6f50bbed87f120ec64c6fb9d8480876a9ccee4068425d72660
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e0dbd0f8fde064bd18a9a56f6b820648caa7f69cecade96c618e2ced86efb4fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e433ef9294d650099f75a6e4242f24fdcc35676c33385f5f90e1191e8ed867
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

messenger-total-promotions.printavo.com Open in urlscan Pro 45.223.138.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

64 %IPv6

30 Domains

37 Subdomains

35 IPs

4 Countries

2050 kBTransfer

6518 kBSize

33 Cookies

3 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

messenger-total-promotions.printavo.com Open in urlscan Pro
45.223.138.129 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

64 %
IPv6

30
Domains

37
Subdomains

35
IPs

4
Countries

2050 kB
Transfer

6518 kB
Size

33
Cookies

86 HTTP transactions
0 data transactions