urlscan.io logo urlscan.io
SecurityTrails logo

www.progressnormal.co Open in urlscan Pro
2606:4700:3036::6815:4dc2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoS...
Effective URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAs...
Submission: On November 30 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3036::6815:4dc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.progressnormal.co.
This is the only time www.progressnormal.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

31    2606:4700:3036::6815:4dc2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.progressnormal.co
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
l.sharethis.com
Domain Requested by
31 www.progressnormal.co www.progressnormal.co
12 www.google.com 4 redirects www.progressnormal.co
11 www.google.de www.progressnormal.co
6 www.facebook.com www.progressnormal.co
6 googleads.g.doubleclick.net www.progressnormal.co
www.googleadservices.com
5 connect.facebook.net www.progressnormal.co
connect.facebook.net
4 bat.bing.com www.progressnormal.co
2 www.google-analytics.com www.progressnormal.co
www.google-analytics.com
2 www.googletagmanager.com www.progressnormal.co
1 l.sharethis.com www.progressnormal.co
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
0 8a93b192-a897-44e1-b8f0-de4f8a32c2b7 Failed www.progressnormal.co
79 13

This site contains links to these domains. Also see Links.

Domain
ultrazoomshop.com
ecomerzpro.net
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-08 -
2021-12-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
sharethis.com
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh

This page contains 3 frames:

Primary Page: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Frame ID: 11593FF40829B21ABDD1F74666742428
Requests: 76 HTTP requests in this frame

Frame: http://www.progressnormal.co/clicks/UltraZoom_files/blank.htm
Frame ID: F0F634C571F133A3DDABAEFCDA9071B4
Requests: 2 HTTP requests in this frame

Frame: moz-extension://8a93b192-a897-44e1-b8f0-de4f8a32c2b7/data/content_script/blank.html
Frame ID: D8A0794B1DAC99C7FDD4A7BFBBE47FB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ultra Zoom

Page URL History Show full URLs

  1. http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1r... Page URL
  2. http://www.progressnormal.co/offer.php?id=346&sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VW... Page URL
  3. http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHT... Page URL

Page Statistics

79
Requests

53 %
HTTPS

83 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

10497 kB
Transfer

12767 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH Page URL
  2. http://www.progressnormal.co/offer.php?id=346&sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH Page URL
  3. http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357087302&cv=9&fst=1633357087302&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 HTTP 302
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357087302&cv=9&fst=1633357087302&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
Request Chain 23
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357147201&cv=9&fst=1633357147201&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 HTTP 302
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357147201&cv=9&fst=1633357147201&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
Request Chain 24
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357207202&cv=9&fst=1633357207202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 HTTP 302
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357207202&cv=9&fst=1633357207202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
Request Chain 25
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357267202&cv=9&fst=1633357267202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 HTTP 302
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357267202&cv=9&fst=1633357267202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
accede6547d3fb48de661244978281a3afe9f0d3e95e04c7f2f78fd2cf35a6b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.3.25
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRYIa2d9IXtDOXBwvQGNXbUTGl9YpgDzhAvikJT1O2JZj0gyLM%2BbaD2HCjexwKRnbinMN%2FQ3FQsTUpCfZji0eXMDV%2BVexVehQ3o1MuH3xVZSOqschyxrFDF2cLxT4LCrJiHdzaAHhY2ej07w%2BgQeGVPQmIg%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b616af76ec0435d-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-1.11.0.min.js
www.progressnormal.co/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/jquery-1.11.0.min.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5796
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 15 Jun 2016 01:14:34 GMT
Server
cloudflare
etag
W/"5760abfa-1787d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7ZuRmXVb0UnpuB99g2au7aUE97YLMpdMXeXEDtG31ZoUoa2yX3gjjpKa2q%2BoxXeRmi18rl6ODsIR%2Bpm8IbOPpg89P47SHfusTECVOttfzso4N9T27Lj757PEO6vC0LEPj0uPAoXk1KVUhvFwgbjYBblgyQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6b616af81fb7435d-FRA
js
www.googletagmanager.com/gtag/ 		31 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36180
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 04:43:58 GMT
offer.php
www.progressnormal.co/ 		421 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/offer.php?id=346&sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
1a73a5a64e9f36e74c75afd95aed4d8a7ff102b80912054ed2226c702c3d0ae2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/Jmuexrfp/ebxaf836437euth/zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.3.25
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2jJpWHFYqfoEKBGND6W4fs10u1kDMSvv8%2FAFF1r%2F5RTbPgbnUlvGtdArlKOoR9mptMhKG5sCPJWOyx7yAEEgS%2FuMqvGzfcki24NqgA2gQSm4RkUPg%2F7Lj7ARw9ObwwGxAJxU8%2B6AbRHx9b4af6bA%2BoKYjo%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b616af85809435d-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request UltraZoomCopy.php
www.progressnormal.co/clicks/ 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
9088db9210f2c36064de49217cca5aa57b2afcc3be49198f3684577d9ec4d8d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/offer.php?id=346&sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.3.25
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xMP%2Fa8i2Okzy1aUhuuy4l4eNYTcRVSTVg9dS4eJ1TKsShYk9k4iOpyE0GwE71txq66tpadzZj4Vy8PmG49d2GrML%2FlU9bF37s34xlDlDtn1MT%2Fv2eMjvgizPlPC2Fx2gUAH5xBVEkQHqHXzDT52k6QfDBw%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b616af93928435d-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
conversion_async.js
www.google.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/conversion_async.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83df894173768fb3b869a1a76cbc0077110485fafd2fd002182e4671c6106970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14374
x-xss-protection
0
server
cafe
etag
2046405949574874676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 04:43:58 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:57 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 03:55:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0E01AD64ED1A4DB9918112E197F7B5B5 Ref B: FRAEDGE1306 Ref C: 2021-11-30T04:43:58Z
etag
"80dc6f5342d8d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10442
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6171
date
Tue, 30 Nov 2021 03:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 30 Nov 2021 05:01:07 GMT
551800715557688
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/551800715557688?v=2.9.47&r=stable
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e503955f93d43b30da94f273e275f1d1c110404915e986aadebfcbb05a8ea9b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Xt332QOlTy/GBvRvI26SG9ZHLNeyrpsQ6XaCneKyOrMw9zuAtihD5PNy4sKVBErDmBuQJxGg61CtK/0VBt562Q==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 30 Nov 2021 04:43:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1671667636297045
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1671667636297045?v=2.9.47&r=stable
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ab4179f0276a848c1e3ef667b7a13f2def6e0065cc64956de88579fb0781ebe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
JFLfmYKRpWyqBjMZd8Gm70bjMHjImv3A1SKsblZu7zgkMyNEG5LF4C3UJZjKJWCODeTGNM9wROppdY6if12srA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 30 Nov 2021 04:43:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
7AXlCmgsy8Sa8MmK6c6UZotutz/GcGuMxlLFsJdTBLiKVPewqoD8lD4Wqm0V/WfN32I6Kpc3LMJ3KeZjUdVs7w==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 30 Nov 2021 04:43:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		220 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
817d36c61b8c6b602b93e1082d0f6609475444a8077d266acbfad5459296155f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69113
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 04:43:58 GMT
fbevents.js
www.progressnormal.co/clicks/UltraZoom_files/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/fbevents.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-189e5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srI13Tv2k9B8yQSboY6DXPXFhGL4VUU6vtfMn8JpijJRa6zV7jSjbZmgq96xs3KzcIMv14bKWmgOU5uJc5E%2BJN2ePiMCvcbxkxzS6Y8gVeFu5WQser7rHRUoGszVkmiIO0Rvz3ahRx49bKOoRvlFO0beBLA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afce9d2695d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
gtm.js
www.progressnormal.co/clicks/UltraZoom_files/ 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/gtm.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c5a040b421c100087ee947bfd055792c37e534dfdbb003399f42d7eb1ec541

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-3330a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63v9nW%2FCMm7jaXy%2FEh6uuzlo7PB8hkTK3z6ydFjyk5A68WtuX3SEbmJRd8rIMQywLuV1h8MOAi%2Bs93Xijw%2BvIzVTjThUbL%2B8Fy%2FafRCPi3WORTdsNM5634lefXJ1tzZl%2BKFxf%2BVKpoBqzSOqDSOR0ggUyD4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afce94f693d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bootstrap.css
www.progressnormal.co/clicks/UltraZoom_files/ 		141 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/bootstrap.css
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Origin
http://www.progressnormal.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-235ed"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4glj4pDnhrgQsgSMtIFjtGxLyMFwwxQ2VvaK3d3aJ7CFdmCkKbEkRwZCqsv1bjx%2B3Dw14%2F86N7%2BmLEOHueV7Yp8SnL4HIuphNewD%2F4CvzX7juFV6rF6k38QNaIxmVWVWofZGwREXcyS4u7fTC6MFmMjYtqo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616af9fa1f6916-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
font-awesome.css
www.progressnormal.co/clicks/UltraZoom_files/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/font-awesome.css
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Origin
http://www.progressnormal.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-7918"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvoilztvP8yestFxrEu1EwKPZGrRPqWumg6B98jZIDnJtsZ%2FMsYRL3XpTdmIXmEYLKYKxs0fPDhw3QZAIcLTMOrFFXRNAo%2Bl7vrbn9BAUviIdxZQ08tf%2BjZsdeEk%2Bs1lUx8WWx05HmTpgtPrwWM7rD4wG3w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616af9fd87693d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
blog-post.css
www.progressnormal.co/clicks/UltraZoom_files/ 		5 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/blog-post.css
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a90d43c105bace594322b0998200890c30f29ca598da49bb3b8f818ed80955b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-15a6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDw6DsJXA%2FJjXEvn9%2FmRPcbFA%2B6ej3uIWxqyA1DwS7ccwX1Z8kGdF0ggOy5DuiqOLk7DSpgx6fkISMdbSASSqpV%2FtDEHiGkXBBBNy4C%2BUUeNLHZHIslpiFv9WlM5v6U3u%2BKoDFWe41FiRhHeaPJ59ihthNo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616af9fdd6c27c-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
customc.css
www.progressnormal.co/clicks/UltraZoom_files/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/customc.css
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c86b7576396386d753c85229f166adf6b889f4260d15bd15f80ba8b1eed6dc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-845"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I84WUt4mBUqC52HYq0ZYpCi3rxo990JGI28bG9iamfg7c9XCHlmGmwaMPa5m0sIxT8TeabZMaQAYuXYNAR6gNo19reVlwCvBNOahVD07X2A0Ha2UbRy3yy%2BTeKegW%2FruMhW4ZuScekaN1wDrNo6APrQnrLo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616af9fdfd695d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
animate.css
www.progressnormal.co/clicks/UltraZoom_files/ 		76 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/animate.css
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6b686ecaa56e02ec5aced95541a03f922f599b31f1b4cd429ceca824a6e669

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-13053"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3gh1y2Co%2B2II0LO9rLjP6JZmOoWBiavj0A78XAz0DLWKEGnsVZYH6x%2BcfLIF2hv9bqvhT91caAKg2Bfk7V2O3yiR8GbbKkjZK4agO7G3Jjy4BUThw3PB%2FZNFn9bWmXXWGahgo4hmrsnxD9Dg7dXVgd%2FUm8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616af9f9735c98-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/652536324/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/652536324/?random=1633357027364&cv=9&fst=1633357027364&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a24cdc01fb57a856ce5fe2a507c4c2c13909a1769bed9e4cd530b9fc0832b33c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1058
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/389423146/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/389423146/?random=1633357027367&cv=9&fst=1633357027367&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5e36e24e967ea187b46d085a413155ffbd11a32769e09916c73ea986a4cbe26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1058
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/?random=1633357027370&cv=9&fst=1633357027370&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1432db970a9bc656b76aca72a9482d1600d3cb6ce164132ffb016bde4cb78d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1058
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26055977.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26055977.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 30 Nov 2021 04:43:58 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EE0F01822AB541279E7B959A70DF883F Ref B: FRAEDGE1306 Ref C: 2021-11-30T04:43:58Z
x-cache
CONFIG_NOCACHE
/
www.google.de/pagead/1p-conversion/787909066/
Redirect Chain
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357087302&cv=9&fst=1633357087302&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080...
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357087302&cv=9&fst=1633357087302&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&...
43 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357087302&cv=9&fst=1633357087302&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
location
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357087302&cv=9&fst=1633357087302&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/787909066/
Redirect Chain
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357147201&cv=9&fst=1633357147201&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080...
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357147201&cv=9&fst=1633357147201&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&...
43 B
131 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357147201&cv=9&fst=1633357147201&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
location
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357147201&cv=9&fst=1633357147201&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/787909066/
Redirect Chain
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357207202&cv=9&fst=1633357207202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080...
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357207202&cv=9&fst=1633357207202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&...
43 B
131 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357207202&cv=9&fst=1633357207202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
location
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357207202&cv=9&fst=1633357207202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/787909066/
Redirect Chain
  • https://www.google.com/pagead/1p-conversion/787909066/?random=1633357267202&cv=9&fst=1633357267202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080...
  • https://www.google.de/pagead/1p-conversion/787909066/?random=1633357267202&cv=9&fst=1633357267202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&...
43 B
131 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357267202&cv=9&fst=1633357267202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Nov 2021 04:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
location
https://www.google.de/pagead/1p-conversion/787909066/?random=1633357267202&cv=9&fst=1633357267202&num=1&value=0&label=tF1hCIaHsvUBEMqT2vcC&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&ig=0&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sitelogopositive.png
www.progressnormal.co/clicks/UltraZoom_files/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/sitelogopositive.png
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1066274fa5181ca6b56282204d3533f6f19f22ea5295c47451449920e9f578eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-17d7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ctry0OP4Ug0KIMivgFEpQJGuHHeJmiv9qyXZvge%2B3hiBePEMySHjvHZbsDGt0W63K9BgCwwDcXQdfxhHO2gxIktHwvJjIsIs1uX3FjTJPXF9t57jDed23oZ3%2BlC74XnY%2FAmmMPghv5eldnXcx0O4f8INj9M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b616afcbe3c6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
6103
advbanner1.jpg
www.progressnormal.co/clicks/UltraZoom_files/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/advbanner1.jpg
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d897e86de957892e35db88c0fc91eaf193ab98da1c1b18577aaedce76d1a61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2249
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3012094
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-2df5fe"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa7liWmYkhyutrGWTigzuQLVX0LkrMuPz39jwpdsc%2BdljptjsHHby3w4yDtDk2N7vIRG0HT5kI1%2BztbSlqSpb5aFfJivX7wyJmXE%2FzmeYPXJNgZMPXL2xD7b86kvXBgZjpw1cOJvTsWp62Zrv9an7WGqT5E%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6b616afcedb85c98-FRA
advbanner2.jpg
www.progressnormal.co/clicks/UltraZoom_files/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/advbanner2.jpg
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ffd5b6f358f27788a9a7eb00064ac6e290f60234f8fbf45c5e6eb43349bfda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-1e0a67"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbKmwP3p4wc57r2%2BprE1st2%2BLFB4ZFq12%2FD2Fii7OIaciHEmUUhF9y7fkyYyaji3cGlCLD1cu%2F0vHcy%2F%2FC7%2FLNQsl0JZIkbrNhDPSBq1wr0b4heq%2Bp%2BymWhc2vuT9yNfhk%2B7m5RQQUqrfoL4j%2FK%2FXe8WpyM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b616afcedc4435d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1968743
advbanner3.jpg
www.progressnormal.co/clicks/UltraZoom_files/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/advbanner3.jpg
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab6234bf2dee17d40ed7aa46b1d58926afe4a87b9cd4b98eee9a9882f6b8c5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2129
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1715614
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-1a2d9e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8LB0VV9xymIKIUaZPZegDcW6dACTI8Vpdd2ZUBf3zRJheCFTSWS1u4s7xoN4ZsXV4EEvwmjRmxMAeM05tyAd73pr5kKd34e544b%2FmjddO1ADHyydusSMesZLhJrfX%2Bc%2FxqAC8cTnkQSgGqV3a5g7NkrvZQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6b616afd6f2f6916-FRA
advbanner4.jpg
www.progressnormal.co/clicks/UltraZoom_files/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/advbanner4.jpg
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a77aaaf72353684b568e3b4a313b2cec229bbb0c3657cae781d8050acadbab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-2ffb03"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEcVD4uf76wgEuIyProVLE2K%2F2Ysk5oNeUUTQkCNCXxeKPx8DCHg9QSh65STaqEx5CabsYkDwnqFPMZOIfKMxv0AuWC3ueCh9xWiu%2FtlvXLIJag0NCP9F9VkJSTjfhcAKUfvA5Xo6VgNrxn9gsHgfaaabYk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b616afdced25c98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3144451
ic-oficial.png
www.progressnormal.co/clicks/UltraZoom_files/ 		629 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/ic-oficial.png
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e99e8bbe4f815eca8476e6afe3b1f95eeb6f609ffc4fb84d206066389cb7fb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-275"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUfCbWxmTwq2wOKHSzsJ0ijyODQ20%2B54qPSHrUWoyqz8wdpvoDETP2TftWtAMVeVo7PXFATzxEPUcfyvDs27bXufpqGQFdw3B5ryWLFhRQ17gMMkOff4A5wnOIJS2SAXB%2FXI1eFJV6RAHkzS5UK2uCbWJJw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b616afdfb00693d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
629
sharethis.js
www.progressnormal.co/clicks/UltraZoom_files/ 		183 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/sharethis.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-2dcf1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQQMYX3zIfk7t5GPuZUDwgGjBeIy287tV9sxmNGHDTaCId5hd4PNNmjdOOsaa%2FDl7zwseOZv74fE8xxONINuWRwdYDNYOSSlPmca3LGeYPpwXeyCqinW6AhKLeED%2BagzfLV71n5Cx5wyKZmSbqCqUeRU70o%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afe289dc27c-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
dmca-badge-w200-5x1-11.png
www.progressnormal.co/clicks/UltraZoom_files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/dmca-badge-w200-5x1-11.png
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0be3149fb34d24c91045b25de9d1e40844b9d69ad195e4b2b586c5c8e173a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-1510"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsrsL%2B8Sg3mt5rb6noTvvAJdUv8nVBGZjPDvNDYd31W%2F34Hl3H3OjDbHIcWj3ZssBSjsnAA%2BeQUW8KwMLHxEhWynk%2FvUre7KBttY%2FradWLmNQxXSXhBMrgWX5spS7gYjZOHTe8aCb3KIM3kmtoEbsxLWyg4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b616afe5bef695d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
5392
DMCABadgeHelper.js
www.progressnormal.co/clicks/UltraZoom_files/ 		465 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/DMCABadgeHelper.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-1d1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rd2Tc37OmghV%2BHuzbBOjvZA%2BYqWCyxZVyNHCPBRB5IWsVjd6J50HNzkmbtkoik0sEyxerIGqcIhZ6o%2FlgFEtJ9WOTbsG7NiX%2FccrEj8NivtCcsAxc%2Ffc2W4XEJxxzSX9mldl6gewO%2F4lGbbxqIZyowd8pks%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afbdd086916-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jquery.js
www.progressnormal.co/clicks/UltraZoom_files/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/jquery.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-1538f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaF%2FhaUzt7uWCp373ADHnoEKZkadMVEYQ7tLNbSVIVy6wsiZrHrzb3TB0yozu6RJAgnEIoz1o92509MvoqxUdM81nt0Q3v%2BZF9FhlN5Xdbyc88%2B7JQCqo0h1rfmdXStq1%2FDc85GIWF0SZEO2qfjxkUyH0jI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afbef55c27c-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
firebase-app.js
www.progressnormal.co/clicks/UltraZoom_files/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/firebase-app.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-881c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGMpQUsm2ZkqJS8MhJ6ZrT14xhiTRaIwLRIMKS6XFFJ9Z7I1FR1DIemIsOPL3E9a%2BRWey1E7rdugClWIKYA2GLMuuk9hNNGo93JrGRolMi21C%2BB8rHld7rE7rMEDJDUCjKLB44psoP2LJpB3qCKvyPNs1uc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afbec925c98-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
firebase-messaging.js
www.progressnormal.co/clicks/UltraZoom_files/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/firebase-messaging.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-8b59"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrTCka7fnt%2FRbhBqx%2BGJVgLFUqLkMQlbS%2FWNX4%2BNMqXOOfrx5oGTkV97NC8xlJWDi8mXxzvUypNKpLoa8ny5x58uzj4gckA1xSB7X9fQ1GqbQDulLOqWG1pXyFcDCvgjQbsUY5437lkvbeGjbg6oQDYnvYE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afbe879695d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
moment-with-locales.js
www.progressnormal.co/clicks/UltraZoom_files/ 		306 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/moment-with-locales.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-4c8c5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9TJH%2Bi%2FVJfNI1AmCG%2FV0kntYFQZdG7T4ihZXFn3a%2FZrOVj%2F1J9xPnm55SBHx8%2BJAIzjoByXwpecDzK%2BHKAsSAcYrdW339tR%2BnWhFl0erQBUGvTDVGZdAmCPfbLSq9T67ly6rhRxfZP%2BQ0pyvyw3%2Fkfu53A%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afbefda693d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bootstrap.js
www.progressnormal.co/clicks/UltraZoom_files/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/bootstrap.js
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Origin
http://www.progressnormal.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-bf30"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5jMb3dGS9g7isk5paf%2BFC9qVR1SAvXPdyfx2sDE1l6zllGjEH%2FrftPZRJZNKfOAkTgtNh9DgNDdDryA8QhmodHt8zTxZ1cgQ%2B6CaU2bmKiwzG2WTHKm%2FH97uhsoQWODvRqzx2X3X0xQqGCbXvnNGwI0mN0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afbec79435d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pixel-click.gif
www.progressnormal.co/clicks/UltraZoom_files/ 		43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/pixel-click.gif
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
"61844587-2b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iurArMMmsKdUtKYCBTcYuj%2Fdg07pRT%2Bclwhss7cjXg4gGbck8%2B5RL5DBci5GF7XCkmpHJK6wtiQbSscdeVxkhfKPx8Yk%2Fkkpgsaa2%2Bi1OmAM1fDseWwDKTPBQ84k3oui9gfvJXoO1vzG7Vt9FIu9G9tpWhI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b616afecc2c693d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
43
0
bat.bing.com/action/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26055977&tm=gtm002&Ver=2&mid=8993bd48-0015-4559-8445-50337e83ffee&sid=c1b1ffa0251d11ec8e7e838d069dd842&vid=c1b23760251d11eca2bafda0d7bf87ae&vids=1&pi=0&lg=en-US&sw=1920&sh=1080&sc=24&tl=Ultra%20Zoom&p=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&r=&lt=500&evt=pageLoad&msclkid=N&sv=1&rn=908025
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C607AFEE5B24394A140FE834E8F5D65 Ref B: FRAEDGE1306 Ref C: 2021-11-30T04:43:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/652536324/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/652536324/?random=1633357027364&cv=9&fst=1633356000000&num=1&guid=ON&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=973685054&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/652536324/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/652536324/?random=1633357027364&cv=9&fst=1633356000000&num=1&guid=ON&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=973685054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/389423146/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/389423146/?random=1633357027367&cv=9&fst=1633356000000&num=1&guid=ON&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=561353090&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/389423146/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/389423146/?random=1633357027367&cv=9&fst=1633356000000&num=1&guid=ON&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=561353090&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787909066/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787909066/?random=1633357027370&cv=9&fst=1633356000000&num=1&guid=ON&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=1103638155&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/787909066/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/787909066/?random=1633357027370&cv=9&fst=1633356000000&num=1&guid=ON&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_his=1&u_tz=360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9r0&sendb=1&frm=0&url=file%3A%2F%2F%2FD%3A%2FSoftware%2520%26%2520Tutorial%2FEmail%2520marketing%2520(Elite%2520new)%2F2021%2Foffers%2Fwiditrade%2FUltraZoom.php&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=1103638155&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
www.progressnormal.co/clicks/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoom_files/font-awesome.css
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.progressnormal.co/clicks/UltraZoom_files/font-awesome.css
Origin
http://www.progressnormal.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kox8uiH236%2BTzwaFmnZcc7njh1DTYutLMHKwDaRVLH3jGkszgpKuSOW6uGSZ2OteA0Jtt7Z4DiQvTLFE9JIRctq%2F7qL6fMaE%2FeLo3FWtzEo9p1Bk%2BnpMLdVqn7fTfbDSQODGX21E8x09l0HkQ%2F8nV6u%2FluU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afc9fb5c27c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
HTTP/1.1
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 30 Nov 2021 04:43:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
684346926396516684
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
14378
X-XSS-Protection
0
Expires
Tue, 30 Nov 2021 04:43:58 GMT
blank.htm
www.progressnormal.co/clicks/UltraZoom_files/ Frame F0F6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/blank.htm
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02ad417746e9700ac80d047e5188ad3d033e6f1fd05ce1fb3dae8114be07c03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QPJaIeP9pdp1KXNhk2cPj1KagYNl89%2B1peLmzXXZsfLzbOe2E7g%2Fxi6gVoQYTRnEsOKqqzYmYsGjTwq5QrDFQILbudet0pBWXtNIRs5iqh01%2BSahJdoJSEnesTBTVo9sFG0uKfNQ7k393MLA2PDD%2FT7%2FAQ%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b616afd4827c27c-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
blank.html
8a93b192-a897-44e1-b8f0-de4f8a32c2b7/data/content_script/ Frame D8A0 		0
0
1671667636297045
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1671667636297045?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ab4179f0276a848c1e3ef667b7a13f2def6e0065cc64956de88579fb0781ebe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89169
x-xss-protection
0
pragma
public
x-fb-debug
4bZNaaq5jZEjAeC9ObnQnOY95dmVnCr+SK7hPqvCw3/mj7h47iOVEotkMYkcTEBx4cdkMugtOdhxzBq+hEmeMg==
x-frame-options
DENY
date
Tue, 30 Nov 2021 04:43:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26055977&tm=gtm002&Ver=2&mid=2bd30675-745a-4df3-af50-acaf7ae3f53c&sid=22065820519811ec91a963490b28f60a&vid=22067650519811ecb556955aafdd6853&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ultra%20Zoom&p=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&r=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&lt=639&evt=pageLoad&msclkid=N&sv=1&rn=615752
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EA000AD8B5B2452699CDD8537A8069AF Ref B: FRAEDGE1306 Ref C: 2021-11-30T04:43:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1010586601&t=pageview&_s=1&dl=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ul=en-us&de=UTF-8&dt=Ultra%20Zoom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=274948072&gjid=1590243556&cid=418772612.1638247439&tid=UA-123669295-1&_gid=1348853121.1638247439&_r=1&gtm=2wgba1NGZ7Z7Q&z=1477332603
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.progressnormal.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.progressnormal.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff
www.progressnormal.co/clicks/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoom_files/font-awesome.css
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.progressnormal.co/clicks/UltraZoom_files/font-awesome.css
Origin
http://www.progressnormal.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82E2TTAVlr3zhTvmG0xigi1T9THZM4CGNmuS0T9xlxuF9ztYQDA%2FdO6Tir4Z10Hx%2BzeOjOxrGb4zMYnuma3nLQOUnhatAiFxKsj%2BnvUspYYsINWPIAVi9JLa5kcnP6x0aKQsP7QXzJZNpbPKQLHQ8tlsVa0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afdbadb695d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
551800715557688
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/551800715557688?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b434e7b3f6d576533fa0e942264942fa36b314295b9c06843504245993e3b91
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89298
x-xss-protection
0
pragma
public
x-fb-debug
2uddGZAf4qDbb/jpe3Gn9gHW30YEN++F83zs8g3LnGTR4L/VlCNrA27AuvoYGpYABiqiT9I0m16k0FkVdZvUqg==
x-frame-options
DENY
date
Tue, 30 Nov 2021 04:43:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1671667636297045&ev=PageView&dl=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&rl=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&if=false&ts=1638247438975&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638247438973.477010875&it=1638247438924&coo=false&exp=p1&rqm=GET
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 30 Nov 2021 04:43:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/389423146/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/389423146/?random=1638247438996&cv=9&fst=1638247438996&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bfdba2cd8f21a4f23881fb0e9cd43c3ee64a55b66ab52453193e48da83dc993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/652536324/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/652536324/?random=1638247438999&cv=9&fst=1638247438999&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f561f9b1ae9c2ec25546fda58417c9f06776247479e6abafa31376bdaf5fd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1213
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/?random=1638247439000&cv=9&fst=1638247439000&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcd24cd38878794757f994ab320eca322dea6dc67f8cfc28945e54cf17b68f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1214
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=551800715557688&ev=PageView&dl=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&rl=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&if=false&ts=1638247439021&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1638247438973.477010875&it=1638247438924&coo=false&exp=p1&rqm=GET
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 30 Nov 2021 04:43:59 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1671667636297045&ev=Search&dl=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&rl=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&if=false&ts=1638247439048&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1638247438973.477010875&it=1638247438924&coo=false&exp=p1&rqm=GET
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 30 Nov 2021 04:43:59 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=551800715557688&ev=Search&dl=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&rl=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&if=false&ts=1638247439049&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1638247438973.477010875&it=1638247438924&coo=false&exp=p1&rqm=GET
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 30 Nov 2021 04:43:59 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123669295-1&cid=418772612.1638247439&jid=274948072&gjid=1590243556&_gid=1348853121.1638247439&_u=YEBAAEAAAAAAAC~&z=1846181952
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.progressnormal.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 30 Nov 2021 04:43:59 GMT
content-type
text/plain
access-control-allow-origin
http://www.progressnormal.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.ttf
www.progressnormal.co/clicks/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/fonts/fontawesome-webfont.ttf?v=4.7.0
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoom_files/font-awesome.css
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.progressnormal.co/clicks/UltraZoom_files/font-awesome.css
Origin
http://www.progressnormal.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enbOnNS6z60E40Bahd%2FHJpW%2Fk1izMJsyBxQdDCv72KfgpX1hm0xwHSxEtGn2BTZjF4yzHm%2FykLkmK%2FpAL2821P%2FvdwRykHkX335jSK%2F80KbVxKbBJD1628%2BC%2FGmNJG4YfKDORuUAv2i4RVmtpv4y885iU5w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afe88ac6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
inject.css
www.progressnormal.co/clicks/UltraZoom_files/blank_data/ Frame F0F6 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.progressnormal.co/clicks/UltraZoom_files/blank_data/inject.css
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoom_files/blank.htm
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:4dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/clicks/UltraZoom_files/blank.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
last-modified
Thu, 04 Nov 2021 20:41:43 GMT
Server
cloudflare
etag
W/"61844587-f28"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPOKmEMB31s0qYrnBd%2FVR1j0IrT8Xh80UVCjApHK0K%2FGGdKbCZjmNM%2BR%2BRuz7HPOk4squCh9ZAOqrnLDkMtuHDM62J0QWglzy2%2BW3oxT%2BngP2IwPa6GbOM92uRNROSxSBxIERj5qJSfJixcLzZT3K8PddzQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b616afe8fc9435d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
/
www.google.com/pagead/1p-user-list/389423146/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/389423146/?random=1638247438996&cv=9&fst=1638244800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=1060059348&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/389423146/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/389423146/?random=1638247438996&cv=9&fst=1638244800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=1060059348&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/652536324/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/652536324/?random=1638247438999&cv=9&fst=1638244800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=4249053295&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/652536324/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/652536324/?random=1638247438999&cv=9&fst=1638244800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=4249053295&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787909066/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787909066/?random=1638247439000&cv=9&fst=1638244800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=1722787577&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/787909066/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/787909066/?random=1638247439000&cv=9&fst=1638244800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&ref=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&tiba=Ultra%20Zoom&async=1&fmt=3&is_vtc=1&random=1722787577&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123669295-1&cid=418772612.1638247439&jid=274948072&_u=YEBAAEAAAAAAAC~&z=2082876825
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123669295-1&cid=418772612.1638247439&jid=274948072&_u=YEBAAEAAAAAAAC~&z=2082876825
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoomCopy.php?sid=936896&h=zz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY/VWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pview
l.sharethis.com/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.progressnormal.co&location=%2Fclicks%2FUltraZoomCopy.php&product=unknown&url=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Ultra%20Zoom&refQuery=offer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY&refDomain=www.progressnormal.co&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Make%20your%20mobile%20phone%20into%20a%20portable%20telescope!
Requested by
Host: www.progressnormal.co
URL: http://www.progressnormal.co/clicks/UltraZoom_files/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 04:43:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
http://www.progressnormal.co
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1671667636297045&ev=Microdata&dl=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&rl=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&if=false&ts=1638247439478&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20Ultra%20Zoom%5Cn%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Ultra%20Zoom%22%2C%22og%3Adescription%22%3A%22Make%20your%20mobile%20phone%20into%20a%20portable%20telescope!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.widitrade.com%2Fassets%2Fproducts%2F5f43952ac6ee3f7f596eaf42%2Fproduct1.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fultrazoomshop.com%2F%3Fwidipub_id%3D5e934e58ef286424f749b303%26wtrd_offer_id%3D5f43a097da272e50d81e71d3%26wtrd_sectionId%3Dsharethis%26wtrd_sectName%3Dsharethis%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=2&o=30&fbp=fb.1.1638247438973.477010875&it=1638247438924&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 30 Nov 2021 04:43:59 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=551800715557688&ev=Microdata&dl=http%3A%2F%2Fwww.progressnormal.co%2Fclicks%2FUltraZoomCopy.php%3Fsid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&rl=http%3A%2F%2Fwww.progressnormal.co%2Foffer.php%3Fid%3D346%26sid%3D936896%26h%3Dzz1ju1lB1oWi9AebTDQ8QvVROnmb1-PepZAsHTHYXEY%2FVWohV1rw0kUtAswoQUBPpoA0WoSfkTPYc-dIsnnwJ28JQAzpMCKnlAJYvygyaTYakMOJ4yIzCGfwR-h-vy0vjeU0UMhJHaH1ZCpy8Lcxqw3aGjKwtjvqcOmvE5mnZEhH&if=false&ts=1638247439535&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20Ultra%20Zoom%5Cn%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Ultra%20Zoom%22%2C%22og%3Adescription%22%3A%22Make%20your%20mobile%20phone%20into%20a%20portable%20telescope!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.widitrade.com%2Fassets%2Fproducts%2F5f43952ac6ee3f7f596eaf42%2Fproduct1.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fultrazoomshop.com%2F%3Fwidipub_id%3D5e934e58ef286424f749b303%26wtrd_offer_id%3D5f43a097da272e50d81e71d3%26wtrd_sectionId%3Dsharethis%26wtrd_sectName%3Dsharethis%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=2&o=30&fbp=fb.1.1638247438973.477010875&it=1638247438924&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.progressnormal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 04:43:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 30 Nov 2021 04:43:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
8a93b192-a897-44e1-b8f0-de4f8a32c2b7
URL
moz-extension://8a93b192-a897-44e1-b8f0-de4f8a32c2b7/data/content_script/blank.html

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer function| UET function| UET_init function| UET_push function| GooglemKTybQhCsO function| google_trackConversion object| google_noFurtherRedirects object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| core object| __core-js_shared__ object| firebase object| ueto_b4804ea982 object| uetq function| moment object| bootstrap undefined| config undefined| callAjax function| fbq function| _fbq string| url object| paramReg undefined| value object| body object| html number| height object| gaplugins object| gaGlobal object| gaData object| GooglebQhCsO object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__

9 Cookies

Domain/Path Name / Value
.bing.com/ Name: MUID
Value: 3949482702766F2327CA58D803A46E5C
.progressnormal.co/ Name: _gcl_au
Value: 1.1.1361515967.1638247439
.progressnormal.co/ Name: _uetsid
Value: 22065820519811ec91a963490b28f60a
.progressnormal.co/ Name: _uetvid
Value: 22067650519811ecb556955aafdd6853
.progressnormal.co/ Name: _ga
Value: GA1.2.418772612.1638247439
.progressnormal.co/ Name: _gid
Value: GA1.2.1348853121.1638247439
.progressnormal.co/ Name: _gat_UA-123669295-1
Value: 1
.progressnormal.co/ Name: _fbp
Value: fb.1.1638247438973.477010875
.doubleclick.net/ Name: IDE
Value: AHWqTUkC-canqylX777oAFErydFLbCnnyHAIXtTQMAP8uhPzrpu7G4cZ5tbFcnWO

3 Console Messages

Source Level URL
Text
network error URL: http://www.progressnormal.co/clicks/fonts/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.progressnormal.co/clicks/fonts/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.progressnormal.co/clicks/fonts/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a93b192-a897-44e1-b8f0-de4f8a32c2b7
bat.bing.com
connect.facebook.net
googleads.g.doubleclick.net
l.sharethis.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.progressnormal.co
8a93b192-a897-44e1-b8f0-de4f8a32c2b7
142.250.184.226
18.198.109.212
2606:4700:3036::6815:4dc2
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2008
2a00:1450:400c:c07::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
08f0be3149fb34d24c91045b25de9d1e40844b9d69ad195e4b2b586c5c8e173a
0b434e7b3f6d576533fa0e942264942fa36b314295b9c06843504245993e3b91
0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b
1066274fa5181ca6b56282204d3533f6f19f22ea5295c47451449920e9f578eb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1432db970a9bc656b76aca72a9482d1600d3cb6ce164132ffb016bde4cb78d01
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a73a5a64e9f36e74c75afd95aed4d8a7ff102b80912054ed2226c702c3d0ae2
1f561f9b1ae9c2ec25546fda58417c9f06776247479e6abafa31376bdaf5fd15
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
2e99e8bbe4f815eca8476e6afe3b1f95eeb6f609ffc4fb84d206066389cb7fb5
4ab6234bf2dee17d40ed7aa46b1d58926afe4a87b9cd4b98eee9a9882f6b8c5b
4bfdba2cd8f21a4f23881fb0e9cd43c3ee64a55b66ab52453193e48da83dc993
54ffd5b6f358f27788a9a7eb00064ac6e290f60234f8fbf45c5e6eb43349bfda
5ab4179f0276a848c1e3ef667b7a13f2def6e0065cc64956de88579fb0781ebe
5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def
6b6b686ecaa56e02ec5aced95541a03f922f599b31f1b4cd429ceca824a6e669
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
817d36c61b8c6b602b93e1082d0f6609475444a8077d266acbfad5459296155f
81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e
83df894173768fb3b869a1a76cbc0077110485fafd2fd002182e4671c6106970
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a90d43c105bace594322b0998200890c30f29ca598da49bb3b8f818ed80955b
8c86b7576396386d753c85229f166adf6b889f4260d15bd15f80ba8b1eed6dc4
9088db9210f2c36064de49217cca5aa57b2afcc3be49198f3684577d9ec4d8d1
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
98d897e86de957892e35db88c0fc91eaf193ab98da1c1b18577aaedce76d1a61
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24cdc01fb57a856ce5fe2a507c4c2c13909a1769bed9e4cd530b9fc0832b33c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
accede6547d3fb48de661244978281a3afe9f0d3e95e04c7f2f78fd2cf35a6b7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5e36e24e967ea187b46d085a413155ffbd11a32769e09916c73ea986a4cbe26
d4c5a040b421c100087ee947bfd055792c37e534dfdbb003399f42d7eb1ec541
d6a77aaaf72353684b568e3b4a313b2cec229bbb0c3657cae781d8050acadbab
dcd24cd38878794757f994ab320eca322dea6dc67f8cfc28945e54cf17b68f4d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02ad417746e9700ac80d047e5188ad3d033e6f1fd05ce1fb3dae8114be07c03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503955f93d43b30da94f273e275f1d1c110404915e986aadebfcbb05a8ea9b1
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629