goldenluckpath.click Open in urlscan Pro
34.74.215.184 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://my369371-vincci-paradigm-mall.contact.page/
Effective URL:
https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=...
Submission: On November 24 via api (November 24th 2024, 7:54:37 am UTC) from MY — Scanned from US

Summary HTTP 140 Redirects Behaviour Indicators

Summary

This website contacted 44 IPs in 7 countries across 38 domains to perform 140 HTTP transactions. The main IP is 34.74.215.184, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is goldenluckpath.click.
TLS certificate: Issued by E6 on October 26th 2024. Valid for: 3 months.

This is the only time goldenluckpath.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	3.6.30.125 3.6.30.125	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
3	185.106.140.206 185.106.140.206	7979 (SERVERS-COM) (SERVERS-COM)
1	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	148.251.40.113 148.251.40.113	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
3	141.94.202.179 141.94.202.179	16276 (OVH OVH SAS) (OVH OVH SAS)
13	185.106.140.207 185.106.140.207	7979 (SERVERS-COM) (SERVERS-COM)
21	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	51.222.39.186 51.222.39.186	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.148.55.236 135.148.55.236	16276 (OVH OVH SAS) (OVH OVH SAS)
1	125.253.89.184 125.253.89.184	19437 (SS-ASH) (SS-ASH)
2	23.51.57.13 23.51.57.13	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	174.137.133.32 174.137.133.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 3	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
1 1	131.153.170.220 131.153.170.220	19437 (SS-ASH) (SS-ASH)
1	37.157.4.29 37.157.4.29	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	3.227.77.161 3.227.77.161	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.116 162.19.138.116	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2607:f8b0:400... 2607:f8b0:4006:817::2006	15169 (GOOGLE) (GOOGLE)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26f... 2600:9000:26fa:9c00:9:a47d:f700:21	16509 (AMAZON-02) (AMAZON-02)
1 2	23.227.200.83 23.227.200.83	29802 (HVC-AS) (HVC-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	34.74.215.184 34.74.215.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
140	44

2 3.6.30.125 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-6-30-125.ap-south-1.compute.amazonaws.com

my369371-vincci-paradigm-mall.contact.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.106.140.206 (Netherlands)

ASN7979 (SERVERS-COM, US)

player.viads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.40.113 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.113.40.251.148.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.202.179 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31491885.ip-141-94-202.eu

cdn.viads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vi.hhkld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.106.140.207 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.hhkld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.hhkld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ip186.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.148.55.236 (Reston, United States)

ASN16276 (OVH OVH SAS, FR)
PTR: ns1011207.ip-135-148-55.us

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.253.89.184 (United States)

ASN19437 (SS-ASH, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.32 (United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.202.130 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.170.220 (Ashburn, United States) 1 redirects

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

e5da47b7e63fe12333f661697eddee36.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.77.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-77-161.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26fa:9c00:9:a47d:f700:21 (United States)

ASN16509 (AMAZON-02, US)

d7jx9sbm8zc2k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.200.83 (New York, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: 23-227-200-83.static.hvvc.us

redirectlinkway.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

crcdn09.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.74.215.184 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.215.74.34.bc.googleusercontent.com

goldenluckpath.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

global-cdn-cc.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	google.com cse.google.com — Cisco Umbrella Rank: 3364 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 510 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	323 KB
21	b-cdn.net global-cdn-cc.b-cdn.net — Cisco Umbrella Rank: 264350	237 KB
15	hhkld.com rtb.hhkld.com — Cisco Umbrella Rank: 14432 logs.hhkld.com — Cisco Umbrella Rank: 98091 vi.hhkld.com — Cisco Umbrella Rank: 121860	8 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	186 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 e5da47b7e63fe12333f661697eddee36.safeframe.googlesyndication.com	317 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 506	174 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 393	1 KB
3	viads.com player.viads.com — Cisco Umbrella Rank: 147548	7 KB
2	goldenluckpath.click goldenluckpath.click	17 KB
2	redirectlinkway.top 1 redirects redirectlinkway.top — Cisco Umbrella Rank: 149282	5 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	30 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	14 KB
2	gstatic.com fonts.gstatic.com	754 KB
2	adkernel.com 2 redirects sync.adkernel.com — Cisco Umbrella Rank: 1207	1 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 570	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	contact.page my369371-vincci-paradigm-mall.contact.page	17 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	30 KB
1	adnxs-simple.com crcdn09.adnxs-simple.com — Cisco Umbrella Rank: 15020
1	cloudfront.net d7jx9sbm8zc2k.cloudfront.net	11 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4214	465 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	17 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	903 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	1 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 45	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	68 KB
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1505	476 B
1	cpmstar.com 1 redirects server.cpmstar.com — Cisco Umbrella Rank: 3384	621 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 788
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 2679
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712
1	viads.net cdn.viads.net — Cisco Umbrella Rank: 123551	87 KB
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1624
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	105 KB
140	38

	Domain	Requested by
21	global-cdn-cc.b-cdn.net	goldenluckpath.click
21	fundingchoicesmessages.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
10	logs.hhkld.com	cdn.viads.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	my369371-vincci-paradigm-mall.contact.page pagead2.googlesyndication.com imasdk.googleapis.com
7	securepubads.g.doubleclick.net	cdn.viads.net securepubads.g.doubleclick.net imasdk.googleapis.com
6	www.google.com	cse.google.com www.google.com my369371-vincci-paradigm-mall.contact.page ep2.adtrafficquality.google
5	fonts.googleapis.com	pagead2.googlesyndication.com
3	imasdk.googleapis.com	cdn.viads.net imasdk.googleapis.com
3	x.bidswitch.net	3 redirects
3	rtb.hhkld.com	player.viads.com my369371-vincci-paradigm-mall.contact.page cdn.viads.net
3	player.viads.com	my369371-vincci-paradigm-mall.contact.page player.viads.com
2	goldenluckpath.click	my369371-vincci-paradigm-mall.contact.page goldenluckpath.click
2	redirectlinkway.top	1 redirects my369371-vincci-paradigm-mall.contact.page
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	vi.hhkld.com	cdnjs.cloudflare.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sync.adkernel.com	2 redirects
2	ads.pubmatic.com	my369371-vincci-paradigm-mall.contact.page ads.pubmatic.com
2	www.google-analytics.com	www.googletagmanager.com
2	cse.google.com	my369371-vincci-paradigm-mall.contact.page www.google.com
2	my369371-vincci-paradigm-mall.contact.page
1	code.jquery.com	goldenluckpath.click
1	crcdn09.adnxs-simple.com
1	d7jx9sbm8zc2k.cloudfront.net	imasdk.googleapis.com
1	gum.criteo.com	static.criteo.net
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	s0.2mdn.net	imasdk.googleapis.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	e5da47b7e63fe12333f661697eddee36.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	lh3.googleusercontent.com	my369371-vincci-paradigm-mall.contact.page
1	cdnjs.cloudflare.com	cdn.viads.net
1	cm.adform.net	my369371-vincci-paradigm-mall.contact.page
1	server.cpmstar.com	1 redirects
1	prebid.a-mo.net	my369371-vincci-paradigm-mall.contact.page
1	cookies.nextmillmedia.com	my369371-vincci-paradigm-mall.contact.page
1	onetag-sys.com	my369371-vincci-paradigm-mall.contact.page
1	cdn.viads.net	player.viads.com
1	sync.richaudience.com	player.viads.com
1	clients1.google.com	my369371-vincci-paradigm-mall.contact.page
1	www.googletagmanager.com	my369371-vincci-paradigm-mall.contact.page
140	49

This site contains no links.

Subject Issuer	Validity	Valid
*.contact.page E6	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.viads.com R10	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.richaudience.com RapidSSL TLS RSA CA G1	`2024-02-14` - `2025-02-25`	a year	crt.sh
*.viads.net R11	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.hhkld.com R11	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.nextmillmedia.com R11	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.a-mo.net R10	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-27` - `2025-06-18`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
esp.rtbhouse.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
switchpathfinder.xyz E5	`2024-10-14` - `2025-01-12`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
chancebliss.xyz E6	`2024-10-26` - `2025-01-24`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2024-11-05` - `2025-11-11`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Frame ID: 7D58D33991EF323311FC29FF401749A6
Requests: 123 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: DCDCF15B4DE5919D2D95F94473EC9BA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&adk=1920884503&adf=3566758789&abgtt=6&lmt=1732434870&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_r&format=0x0&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&pra=5&wgl=1&aihb=0&aiof=3~4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869761&bpp=5&bdt=213&idt=242&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1519410801871&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fsapi=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=286
Frame ID: D49D836C1ED6F0D9A7DDD60171ADD4E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&h=600&slotname=4811044446&adk=3084778486&adf=379334476&pi=t.ma~as.4811044446&w=294&abgtt=6&fwrn=4&fwrnh=100&lmt=1732434870&rafmt=1&format=294x600&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869766&bpp=3&bdt=218&idt=303&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1519410801871&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-318&ady=266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CfpeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=317
Frame ID: 5CAB8E57721C734C6CC499417FC20C0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&h=280&slotname=2140649070&adk=4035524768&adf=1927373248&pi=t.ma~as.2140649070&w=684&abgtt=6&fwrn=4&fwrnh=100&lmt=1732434870&rafmt=1&format=684x280&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869769&bpp=1&bdt=221&idt=336&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C294x600&nras=1&correlator=1519410801871&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=341
Frame ID: FB6E0F8F647424A44168C948C16D4962
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&h=280&slotname=7652700328&adk=3359513897&adf=1829251922&pi=t.ma~as.7652700328&w=684&abgtt=6&fwrn=4&fwrnh=100&lmt=1732434870&rafmt=1&format=684x280&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869770&bpp=1&bdt=222&idt=358&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C294x600%2C684x280&nras=1&correlator=1519410801871&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=362
Frame ID: A3AABF33C5DC9C5C33CD85B3C565A2D2
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=37877490903
Frame ID: 273F913E9A4E6781D37E655B67DE76B5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: CBCAFCEBE4E25ED438FC89AC6C014048
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Frame ID: D664986BDBAA8A397CC881FD071E0168
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
Frame ID: 06ED3218877D9334FBB06EDE9936E87D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: D736D76A8B39009E8C1C34F96FC0CE83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: E90227F8CDA7FF2076960409375B631F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: EF7DAA1D9BC3DA44ACC759965557E20D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 000B27F4F0A66E7AC2EFD9C6E1F7656D
Requests: 1 HTTP requests in this frame

Frame: https://e5da47b7e63fe12333f661697eddee36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2563C60351C4149679BF851F921EC897
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=1283873&predirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=1YNN&gpp=&gpp_sid=
Frame ID: 8E0EAF352E62064DF36BBDB146594C13
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: C52EBB64DD02801C74768805F8CBF36E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F510768DF7CDA9B33D24D2AB3A7F09BE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=my369371-vincci-paradigm-mall.contact.page&gdpr=0&gdpr_consent=&gpp=DBABL~BVQqAAAAAg&gpp_sid=7
Frame ID: 54993952219A4BC1312C257CE00C2671
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 2F7EF774566CCAB8733833DCBB8C91F6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC833CE6D6529201D517AD67CD138E48
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 74D901A5342BA779465D8EAAF1CAE8D9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Customer Reward Program

Page URL History Show full URLs

http://my369371-vincci-paradigm-mall.contact.page/ HTTP 307
https://my369371-vincci-paradigm-mall.contact.page/ Page URL
https://redirectlinkway.top/visit.php?k=f2afb05c93afdb41ca47253b5f27b890&bid_id=6825e3ac-45d8-3355-aac6-... HTTP 302
https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c0676... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

140
Requests

98 %
HTTPS

52 %
IPv6

38
Domains

49
Subdomains

44
IPs

7
Countries

2456 kB
Transfer

10022 kB
Size

139
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://my369371-vincci-paradigm-mall.contact.page/ HTTP 307
https://my369371-vincci-paradigm-mall.contact.page/ Page URL
https://redirectlinkway.top/visit.php?k=f2afb05c93afdb41ca47253b5f27b890&bid_id=6825e3ac-45d8-3355-aac6-1739f2eb2983&browser=chrome&c=206&cc=US&et2=0x0&exchange=ussi-adeum-pll-cpm-rtb-vo&ifm_ori=2%7C%7Cmy369371-vincci-paradigm-mall.contact.page%7C%7Cmy369371-vincci-paradigm-mall.contact.page&ip=208.252.80.175&mod=h&os=linux&pub=my369371-vincci-paradigm-mall.contact.page&publisher_id=109401809969232&sec_id=9f6d15af2daa26a45fbdc11b4e2ecf54&site_id=my369371-vincci-paradigm-mall.contact.page_adbb3a75f206101210db7eb80eb0e690&subage=%7Bsubage%7D&time=1a7t3l2a4r3z4r8c7v3z9c6p2&xrtb_id=IeOykA2qpfA4NokFS4t2YuithT8tBvIu1ML9xtyoRJo&scid_bak=1c41d66b534abcb1ae4074295f71c147&scip_bak=e36d2a27c47763e109282a498517ca74&tmid_flg=MKTackzaMxjiQ0z0N7Dg3NQO0O0OO0O0O&click_type=pop HTTP 302
https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://my369371-vincci-paradigm-mall.contact.page/ HTTP 307
https://my369371-vincci-paradigm-mall.contact.page/

Request Chain 32

https://sync.adkernel.com/user-sync?zone=201966&t=image&r=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D78%26uid%3D%7BUID%7D HTTP 302
https://x.bidswitch.net/sync?ssp=xapads&user_id=A1490592139165956810 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=xapads&user_id=A1490592139165956810 HTTP 302
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=8c0b5cd1-4100-43af-ab76-c003881d86bb&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dxapads%26user_id%3D%24UID HTTP 302
https://x.bidswitch.net/sync?dsp_id=440&ssp=xapads&user_id=dTowQUxoMDdwNWNkM3RsWXc0b2FKaTA= HTTP 302
https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=8c0b5cd1-4100-43af-ab76-c003881d86bb HTTP 302
https://rtb.hhkld.com/tools/sync?dsp=78&uid=A1490592139165956810

140 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
my369371-vincci-paradigm-mall.contact.page/
Redirect Chain

http://my369371-vincci-paradigm-mall.contact.page/
https://my369371-vincci-paradigm-mall.contact.page/

53 KB
15 KB

1060ms
532ms

Document
text/html

3.6.30.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my369371-vincci-paradigm-mall.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.6.30.125 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-6-30-125.ap-south-1.compute.amazonaws.com

Software

nginx / Phusion Passenger(R) 6.0.11

Resource Hash

071308df45ac045a465a400a383015db9ea252755a7dd63b07e0b56e70f6fd74

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 24 Nov 2024 07:54:29 GMT
etag: W/"489f2e46a66f2fd49dc018b695fcd237"
server: nginx
status: 200 OK
x-frame-options: ALLOWALL
x-my-header: iw_with_2_instants
x-powered-by: Phusion Passenger(R) 6.0.11
x-proxy-cache: HIT
x-request-id: c766d0b8-bc89-4f3f-b24e-93806ad339fa
x-runtime: 0.212031

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://my369371-vincci-paradigm-mall.contact.page/
Non-Authoritative-Reason: HSTS

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 157ms
50ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1838267179328910

Requested by

Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d1aed288c991e5d45ec6f55b1ce51748005148c7dd5be4d78d2f7bb594e742c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://my369371-vincci-paradigm-mall.contact.page
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
etag: 3037861996823858507
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53369
x-xss-protection: 0
server: cafe

GET
H2 200 load-109401.js Show response
player.viads.com/tag/ 306 B
667 B 513ms
247ms Script
application/javascript 185.106.140.206
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://player.viads.com/tag/load-109401.js
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.206 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: b17907c637abc8ca138ab6ab02aed0ff3b41566a8bac74c2f0c0e82873da6173

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: application/javascript
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
105 KB 147ms
50ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z7GJYTLSNH

Requested by

Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ade8410ef9fd988e03e3ab29b923644c6d8ab065604d9a90af8fdc0352ccbf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 24 Nov 2024 07:54:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106794
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
3 KB 146ms
49ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=f0f6658b9790eef9e

Requested by

Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

c1d200876d1a18bee5a10aea288c37cbf6783ac445aa82ce77bee760e65e3218

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-xe_yjssomQoV4Yf6aRp5xw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-xe_yjssomQoV4Yf6aRp5xw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
content-encoding: br
accept-ch: Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2565
date: Sun, 24 Nov 2024 07:54:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: gws
x-frame-options: SAMEORIGIN

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 90 KB
31 KB 94ms
92ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1838267179328910

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23dc2a845de8316580c61ddda67d06583e14f5ca2c274578c25bed9367f5e3f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
etag: 8282980729199514834
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 31888
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 114ms
113ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1838267179328910

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bf167774e13c97ed87fac15142657c51e15371a12ed4880922fb58cbe3aeaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
etag: 1457345766710809803
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147621
x-xss-protection: 0
server: cafe

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/5c8d58cbdc1332a7/ 291 KB
96 KB 134ms
43ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/5c8d58cbdc1332a7/cse_element__en.js?usqp=CAM%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=f0f6658b9790eef9e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

440ba29a2dab56b481bd36195049ec5b4ec4630bde332f31c8dc06a6f30c8977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 02:27:52 GMT
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 97898
x-xss-protection: 0
server: sffe

GET
H3 200 default+en.css
www.google.com/cse/static/element/5c8d58cbdc1332a7/ 41 KB
9 KB 128ms
38ms Stylesheet
text/css 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/5c8d58cbdc1332a7/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=f0f6658b9790eef9e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 02:27:52 GMT
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 9068
x-xss-protection: 0
server: sffe

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 112ms
22ms Stylesheet
text/css 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=f0f6658b9790eef9e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
age: 2802
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:57:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:07:47 GMT
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 1345
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 172ms
77ms Fetch
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z7GJYTLSNH&gtm=45je4bk0v868708545za200&_p=1732434869580&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1450241214.1732434870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732434869&sct=1&seg=0&dl=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&dt=Vincci%20Paradigm%20Mall%20contact%20information.%20Shoes%20-%20Exporters%20%26%20Importers%2C%20in%20Selangor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1378
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z7GJYTLSNH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 146 KB
53 KB 45ms
44ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/5c8d58cbdc1332a7/cse_element__en.js?usqp=CAM%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91ac336e7d8709f75abafcc3fa4ced0193c95efc5eedd1a43f1ff4c8e2b416c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
etag: "5651506027713807035"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 25ms
24ms Image
image/png 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/5c8d58cbdc1332a7/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/cse/static/element/5c8d58cbdc1332a7/default+en.css

Response headers

age: 204252
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 23:10:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 23:10:17 GMT
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 1018
x-xss-protection: 0
server: sffe

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 2 KB
2 KB 23ms
23ms Image
image/png 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

age: 159271
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 11:39:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 11:39:59 GMT
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 1556
x-xss-protection: 0
server: sffe

GET
H2 204 generate_204
clients1.google.com/ 0
118 B 148ms
22ms Image
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Nov 2024 07:54:30 GMT
cross-origin-resource-policy: cross-origin

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1838267179328910
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame DCDC 0
0 117ms
23ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:53:36 GMT
etag: 17661348622971093804
expires: Sun, 08 Dec 2024 07:53:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D49D 0
0 521ms
453ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&adk=1920884503&adf=3566758789&abgtt=6&lmt=1732434870&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_r&format=0x0&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&pra=5&wgl=1&aihb=0&aiof=3~4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869761&bpp=5&bdt=213&idt=242&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1519410801871&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fsapi=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=286

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37186
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:54:30 GMT
expires: Sun, 24 Nov 2024 07:54:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5CAB 0
0 242ms
209ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&h=600&slotname=4811044446&adk=3084778486&adf=379334476&pi=t.ma~as.4811044446&w=294&abgtt=6&fwrn=4&fwrnh=100&lmt=1732434870&rafmt=1&format=294x600&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869766&bpp=3&bdt=218&idt=303&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1519410801871&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-318&ady=266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CfpeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:54:30 GMT
expires: Sun, 24 Nov 2024 07:54:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame FB6E 0
0 218ms
211ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&h=280&slotname=2140649070&adk=4035524768&adf=1927373248&pi=t.ma~as.2140649070&w=684&abgtt=6&fwrn=4&fwrnh=100&lmt=1732434870&rafmt=1&format=684x280&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869769&bpp=1&bdt=221&idt=336&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C294x600&nras=1&correlator=1519410801871&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=341

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:54:30 GMT
expires: Sun, 24 Nov 2024 07:54:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load-109401.js Show response
player.viads.com/tag/ 18 KB
5 KB 128ms
127ms Script
application/javascript 185.106.140.206
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://player.viads.com/tag/load-109401.js?rqst=2&page_url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F
Requested by: Host: player.viads.com
URL: https://player.viads.com/tag/load-109401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.206 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 087dea2b36c9b25159c7b46f50f94c16bdcf51c33290cd75871218fc25e051ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
date: Sun, 24 Nov 2024 07:54:30 GMT
content-type: application/javascript
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame A3AA 0
0 185ms
184ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1838267179328910&output=html&h=280&slotname=7652700328&adk=3359513897&adf=1829251922&pi=t.ma~as.7652700328&w=684&abgtt=6&fwrn=4&fwrnh=100&lmt=1732434870&rafmt=1&format=684x280&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732434869770&bpp=1&bdt=222&idt=358&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C294x600%2C684x280&nras=1&correlator=1519410801871&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347445%2C95345966%2C95347755&oid=2&pvsid=1562874717238368&tmod=754821240&uas=0&nvt=1&fc=1920&brdim=200%2C200%2C200%2C200%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=362

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:54:30 GMT
expires: Sun, 24 Nov 2024 07:54:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ Frame 273F 0
0 529ms
252ms Document
text/javascript 148.251.40.113
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=37877490903
Requested by: Host: player.viads.com
URL: https://player.viads.com/tag/load-109401.js?rqst=2&page_url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.40.113 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.113.40.251.148.clients.your-server.de
Software: nginx / PHP/8.1.30
Resource Hash

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/javascript;charset=UTF-8
date: Sun, 24 Nov 2024 07:54:30 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.1.30

GET
H2 200 109401 Show response
player.viads.com/cnsync/ 1 B
463 B 109ms
107ms Fetch
application/json 185.106.140.206
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://player.viads.com/cnsync/109401?prm=%5B%22richau%22%5D
Requested by: Host: player.viads.com
URL: https://player.viads.com/tag/load-109401.js?rqst=2&page_url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.206 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
date: Sun, 24 Nov 2024 07:54:30 GMT
content-type: application/json
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 index.js Show response
cdn.viads.net/player/2.29.4/ 246 KB
87 KB 474ms
203ms Script
application/javascript 141.94.202.179
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viads.net/player/2.29.4/index.js
Requested by: Host: player.viads.com
URL: https://player.viads.com/tag/load-109401.js?rqst=2&page_url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns31491885.ip-141-94-202.eu
Software: nginx /
Resource Hash: 358e018099daa0bfe87a0106798caedbf9dbf7aaeb5ad88b2526025fc07e2153

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://my369371-vincci-paradigm-mall.contact.page
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: max-age=315360000, public, no-transform
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Sun, 24 Nov 2024 07:54:30 GMT
content-type: application/javascript
last-modified: Sun, 22 Sep 2024 07:52:19 GMT
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 / Show response
rtb.hhkld.com/sync/config/ 2 KB
1 KB 435ms
182ms Fetch
application/json 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.hhkld.com/sync/config/?zone=109401
Requested by: Host: player.viads.com
URL: https://player.viads.com/tag/load-109401.js?rqst=2&page_url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: f6f689d1447f14d5e10dbaf5900e81900f3d1292137c2162dd3e203a04d42c0d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 702
date: Sun, 24 Nov 2024 07:54:30 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
access-control-allow-headers: Content-Type, *

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 178 KB
59 KB 49ms
49ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b5fc1da4649d758b162e5437283cf34cd311d9fd7dfb4e8ad3306eee78e95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
etag: 3605888372427282304
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 24 Nov 2024 07:54:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 60563
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-1838267179328910 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 285ms
66ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1838267179328910?href=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

205b890f09b1baf56445ddc9c98ac6219617ae0ccaf4f939c72fa27be90bb716

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zsep9w5PgGBmWrhL4PzVOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:30 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBiOHnrNtNFIJb4-pJJA4id0mewBgFx681zrFOBOOnfedYiIDZUuMTqCMJFl1g9gVi15xKrKRDfX3eJ9TkQzzh_mXUBEBdJXGFtAuLbTVdYHwMxw9crrBxALMTDsW179y42gQ0LrqxkVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAABgTkbV"
content-security-policy: script-src 'report-sample' 'nonce-Zsep9w5PgGBmWrhL4PzVOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 /
onetag-sys.com/usync/ Frame CBCA 0
0 206ms
47ms Document
text/html 51.222.39.186
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.186 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip186.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1560
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 sync
cookies.nextmillmedia.com/ Frame D664 0
0 447ms
50ms Document
text/html 135.148.55.236
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.55.236 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns1011207.ip-135-148-55.us
Software: fasthttp /
Resource Hash

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 3345
content-type: text/html
date: Sun, 24 Nov 2024 07:54:30 GMT
server: fasthttp

GET
H2 200 isyn
prebid.a-mo.net/ Frame 06ED 0
0 154ms
44ms Document
text/html 125.253.89.184
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 125.253.89.184 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 654
content-type: text/html; charset=utf-8
date: Sun, 24 Nov 2024 07:54:30 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 3

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ 11 KB
4 KB 164ms
30ms Script
application/javascript 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9f184b71270cacb6f82245aed56defc8891dd489cc3a175da7ff7e674b362e98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: max-age=146270
content-encoding: gzip
expires: Tue, 26 Nov 2024 00:32:20 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 3393
date: Sun, 24 Nov 2024 07:54:30 GMT
last-modified: Wed, 13 Nov 2024 05:17:03 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2

200

sync
rtb.hhkld.com/tools/
Redirect Chain

https://sync.adkernel.com/user-sync?zone=201966&t=image&r=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D78%26uid%3D%7BUID%7D
https://x.bidswitch.net/sync?ssp=xapads&user_id=A1490592139165956810
https://x.bidswitch.net/ul_cb/sync?ssp=xapads&user_id=A1490592139165956810
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=8c0b5cd1-4100-43af-ab76-c003881d86bb&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
https://x.bidswitch.net/sync?dsp_id=440&ssp=xapads&user_id=dTowQUxoMDdwNWNkM3RsWXc0b2FKaTA=
https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=8c0b5cd1-4100-43af-ab76-c003881d86bb
https://rtb.hhkld.com/tools/sync?dsp=78&uid=A1490592139165956810

43 B
359 B

143ms
141ms

Image
image/gif

185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.hhkld.com/tools/sync?dsp=78&uid=A1490592139165956810
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: H2
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Wed, 11 Nov 1998 11:11:11 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: image/gif
last-modified: Sun, 24 Nov 2024 07:54:31 GMT
server: nginx
access-control-allow-headers: Content-Type, *

Redirect headers

Cache-Control: no-store
Location: https://rtb.hhkld.com/tools/sync?dsp=78&uid=A1490592139165956810
Content-Length: 0
Date: Sun, 24 Nov 2024 07:54:31 GMT
Server: nginx
Connection: close

GET
H2 200 cookie
cm.adform.net/ 35 B
476 B 471ms
151ms Image
image/gif 37.157.4.29
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

GET
H3 200 hls.light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.12/ 261 KB
68 KB 505ms
88ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.12/hls.light.min.js

Requested by

Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18268689d4d2c9a61373b3e56e1e70cb60628494602c9bd4b37f5e736b76d412

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "64f872a6-10dfd"
age: 310614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XS72nuIY9jBiTq4E9goVZA00IqhSF%2BQa0Xetn9DyA7aI99LVXF4OevZXK2ZGxoOyJsdouXw4khovAwnL83BapOOdU%2BbCzr94Qd%2B6UhSTi4MhSQTdM1IfrJq0HiUTLFDzjvaut2v8lgl%2B7XMnvJbuoZiC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 07:54:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 06 Sep 2023 12:37:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e77d4da7f998c09-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69117
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 230ms
79ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1903e324a04725a5c194590142dad119b61b092d7fd3acea2252d759bd47285f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
etag: 795 / 20051 / m202411180101 / config-hash: 79477889192541496
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33794
x-xss-protection: 0
server: cafe

GET
H2 200 site Show response
logs.hhkld.com/logs/req/ 2 B
272 B 500ms
217ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/req/site?event=playerLoaded&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&cd=1732434870979&sid=109401&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=2531&t_player_start=31
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 286ms
84ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WnJuypUKoPYK7gJrF0zOmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoExAxfr7ByALEQN8f27d272AQ2_N5eruSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0NLfUMTOMLDAAD5iYd"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WnJuypUKoPYK7gJrF0zOmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxUZlLOsDmQrN9K5-F2HKy4YNFUcFfoENYjqCx6GS66uUx23SaInbIdTY9qpkkQbmrE9dNXvB2UCAgMyyxt4WtsYVKms7xYhYS_HxSME_1W2T2gZD_sxusOZOJJOFUlGQ5hPtTJmeg== Show response
fundingchoicesmessages.google.com/f/ 64 KB
20 KB 87ms
85ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUZlLOsDmQrN9K5-F2HKy4YNFUcFfoENYjqCx6GS66uUx23SaInbIdTY9qpkkQbmrE9dNXvB2UCAgMyyxt4WtsYVKms7xYhYS_HxSME_1W2T2gZD_sxusOZOJJOFUlGQ5hPtTJmeg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNDM0ODcxLDY5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL215MzY5MzcxLXZpbmNjaS1wYXJhZGlnbS1tYWxsLmNvbnRhY3QucGFnZS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQ0OTIsMzEwODg0NTRdLDQsNl0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbb30d314fb2251def4b716d5694d72a10af360cc84aa925fb95e637e129a106

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kKUPIr3hiVPymVzRgpzZtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxM2xfXv3LjaBC6sOWylpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoaWuoZGMYXGAAA9F9BZQ"
content-security-policy: script-src 'report-sample' 'nonce-kKUPIr3hiVPymVzRgpzZtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 233ms
85ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=web_iab_us_states_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 07:54:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 1 KB
529 B 201ms
67ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70094fd2d218364b8a860669b04698eef9a5b92d66e7785031995be948df9622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 07:54:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
778 B 202ms
68ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1b5a501fc26eb56e0b99cd686a022bfad51b34e3942e51170473cbe4fdecaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 06:22:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 656 B
861 B 202ms
69ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbe2c130b9f2e157e42a20f6b5877254c24afb93d4cb25ca0df74750b8428b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 07:54:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
779 B 202ms
70ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text_old:400,500,700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1b5a501fc26eb56e0b99cd686a022bfad51b34e3942e51170473cbe4fdecaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 06:17:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 95ms
86ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VJe2F16FPwB3PyIPjner6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBicEqfwRoExAxfr7ByALEQN8f27d272AR-zD5fruSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0NLfUMTOMLDAACeiYZ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VJe2F16FPwB3PyIPjner6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 94ms
87ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HA7c4ZNu7kgnlNJXEM9-SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1JBicEqfwRoExAxfr7ByALEQN8f27d272AQ6JrwtV3JJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhoaGlnoGpvEFBgDuLyXN"
content-security-policy: script-src 'report-sample' 'nonce-HA7c4ZNu7kgnlNJXEM9-SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 91ms
85ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EeyBo9gpM34toTjgotf2BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBicEqfwRoExAxfr7ByALEQN8f27d272ARmNPZUKLkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQ0NDSz0D0_gCAwDUVSVw"
content-security-policy: script-src 'report-sample' 'nonce-EeyBo9gpM34toTjgotf2BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 F3uT4SAOuR7BZhWQ8dVXY--0PjXt20PV5PBnznQHReIbTkLZXox4N6EGhB9zQnYAsjq4SBuGO2sLvZ6V6t974mYdKQodgbFjZKWB1a6jkzenmom3AI0MIg=h60
lh3.googleusercontent.com/ 2 KB
2 KB 373ms
79ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/F3uT4SAOuR7BZhWQ8dVXY--0PjXt20PV5PBnznQHReIbTkLZXox4N6EGhB9zQnYAsjq4SBuGO2sLvZ6V6t974mYdKQodgbFjZKWB1a6jkzenmom3AI0MIg=h60

Requested by

Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1098ed4396a0c57ae11ebe521193d6f9e99c5aa6f562f63f51aa8ee6dd294034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 07:54:31 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1863
date: Sun, 24 Nov 2024 07:54:31 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.png"

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 235ms
232ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0XeOE72hZYBGTWvGcRzKeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBicEqfwRoExAxfr7ByALEQN8f27d272ARubOirVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhoaGlnoGpvEFBgDt1SXQ"
content-security-policy: script-src 'report-sample' 'nonce-0XeOE72hZYBGTWvGcRzKeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVYpGVaRsRRE29IRK0PffbfcseocmZG9JIFflRQLSCFfnySAK1J1EEQdvXH3jPv5x43zZpD2NxzBUUeSmYtyHMJyCr9qpfLJ5aVqf4bswZEx1yIalIoRJ3RDQHEv_nhGlRKSbUKTQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 89ms
88ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVYpGVaRsRRE29IRK0PffbfcseocmZG9JIFflRQLSCFfnySAK1J1EEQdvXH3jPv5x43zZpD2NxzBUUeSmYtyHMJyCr9qpfLJ5aVqf4bswZEx1yIalIoRJ3RDQHEv_nhGlRKSbUKTQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNDM0ODcxLDIxMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTFdXSwiaHR0cHM6Ly9teTM2OTM3MS12aW5jY2ktcGFyYWRpZ20tbWFsbC5jb250YWN0LnBhZ2UvIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0NDkyLDMxMDg4NDU0XSw0LDZdIl0sWzE5LCIyIl0sWzEzLCJbXCJEQkFCTH5CVlFxQUFBQUFnXCIsW1s3LFsxNzMyNDM0ODcxLDEwNjEyOTAwMF1dXV0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04d7680153f937c469e7f9ffaebb9481e33877a34c7b864eabd9c782854dc4ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-riGDJpJiNNVkLzru2Qlf6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1pBiOHnrNtNFIJb4-pJJA4id0mewBgFx681zrFOBOOnfedYiIDZUuMTqCMJFl1g9gVi15xKrKRDfX3eJ9TkQzzh_mXUBEBdJXGFtAuLbTVdYHwMxw9crrBxALMTNsX179y42gRN_P9UpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGlrqGRjGFxgAADlARzk"
content-security-policy: script-src 'report-sample' 'nonce-riGDJpJiNNVkLzru2Qlf6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame D736 0
0 3ms
3ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:53:36 GMT
etag: 17661348622971093804
expires: Sun, 08 Dec 2024 07:53:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame E902 0
0 1ms
1ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:53:36 GMT
etag: 17661348622971093804
expires: Sun, 08 Dec 2024 07:53:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame EF7D 0
0 1ms
0ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:53:36 GMT
etag: 17661348622971093804
expires: Sun, 08 Dec 2024 07:53:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 60ms
55ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 281
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 07:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 24 Nov 2024 07:49:50 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H2 200 dsp Show response
logs.hhkld.com/logs/event/ 2 B
271 B 217ms
208ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=109401&tids=55755&pos=1&imp=0&run=1&cd=1732434871307&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=2858&t_player_start=358
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 74ms
71ms Fetch
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z7GJYTLSNH&gtm=45je4bk0v868708545za200&_p=1732434869580&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1450241214.1732434870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1732434869&sct=1&seg=0&dl=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&dt=Vincci%20Paradigm%20Mall%20contact%20information.%20Shoes%20-%20Exporters%20%26%20Importers%2C%20in%20Selangor&_s=2&tfd=2889
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z7GJYTLSNH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
fonts.gstatic.com/s/googlesymbols/v307/ 736 KB
736 KB 154ms
40ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesymbols/v307/HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd9621446b31bf5bb83846d1bd5bcfc36480e8c7523ed434d6ce3681c02718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://my369371-vincci-paradigm-mall.contact.page
Referer: https://fonts.googleapis.com/

Response headers

age: 186243
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 04:10:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:10:28 GMT
last-modified: Wed, 20 Nov 2024 00:00:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 753268
x-xss-protection: 0
server: sffe

GET
H3 200 106213651 Show response
fundingchoicesmessages.google.com/i/ 196 KB
63 KB 99ms
94ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/106213651?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5c41cc4ec71564f4e6e627fd3424e6832da70757bea8d52c10ac96cddf0dd80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Ib309vVyjrZqXDTvPmb0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:31 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxMOxfXv3LjaBFX8fHGZS0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0NLTUMzCMLzAAAE4ZQjw"
content-security-policy: script-src 'report-sample' 'nonce-3Ib309vVyjrZqXDTvPmb0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 19_ENG.m3u8 Show response
vi.hhkld.com/vi/ 507 B
975 B 671ms
124ms XHR
application/vnd.apple.mpegurl 141.94.202.179
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://vi.hhkld.com/vi/19_ENG.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.12/hls.light.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns31491885.ip-141-94-202.eu
Software: nginx /
Resource Hash: 1527fcdc91369944abe4b7518604b7f8ceed4f0a98f5fe78be70927a3ef7a8b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: max-age=300, public, max-age=300
access-control-expose-headers: Content-Length,Content-Range
etag: "669685de-1fb"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Nov 2024 07:59:32 GMT
accept-ranges: bytes
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 507
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Tue, 16 Jul 2024 14:38:22 GMT
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://my369371-vincci-paradigm-mall.contact.page
Referer: https://fonts.googleapis.com/

Response headers

age: 169057
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 08:56:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 08:56:54 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 000B 0
0 376ms
47ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:13:49 GMT
expires: Sun, 24 Nov 2024 08:03:49 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 452ms
65ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 81007
via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: uf8rPbZd71r-FIM7brB0_BZLqvPOFiC1Radw8uCkg5N3Cpsx2ex8eg==
date: Sat, 23 Nov 2024 09:24:26 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 790ms
144ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

etag: 96161c00fc10ad819c09e1314f0ae5b4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 17:54:21 GMT
server: Google Frontend
x-cloud-trace-context: 603e9fcc03d45d1d22e41dfe9fe0e287

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 513ms
73ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

x-amz-id-2: 8C3HeN/2sdR7xhD5JppSkyGDakCH8nftCMy8/8kb1Kd0YsRVA8U10zD6jUIDHTOhFrB01Q7gVrI=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"a7da20199e9cb2cd9232f608481d0778"
age: 1624
x-amz-request-id: 9FVVVDEAD9SH8CVW
cf-ray: 8e77d4dfec18421d-EWR
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
903 B 505ms
66ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 30051
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230042-FRA, cache-ewr-kewr1740073-EWR
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 439
x-jsd-version: master

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 532ms
80ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Mon, 25 Nov 2024 07:54:32 GMT
access-control-allow-origin: *
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 533ms
82ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 187975
x-goog-stored-content-encoding: gzip
expires: Sat, 22 Nov 2025 03:41:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Fri, 22 Nov 2024 03:41:37 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC4t03ktWx4NJjs2smSWwZ4Y3v9_2gOcuA3FU1ZIDarcIrIr2oEvk2ZraAupjlaatJ0onfw
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 424 B
176 B 267ms
266ms Fetch
text/plain 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1562874717238368&correlator=1835736701837148&eid=31086814%2C31084490&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=7047%3A22611285429%2Capl%2Cdisplaypartner%2Cviaaplads7047%2C1.0&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C300x250%7C250x250%7C200x200%7C300x100%7C120x240%7C180x150%7C320x50%7C125x125%7C300x50%7C234x60%7C120x60%7C88x31&ifi=8&didk=1301836947&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Da76aed1a88d431c3%3AT%3D1732434870%3ART%3D1732434870%3AS%3DALNI_MbwHAd5SulK_eGsnxKoEfRWKrq88A&gpic=UID%3D00000db39976d5f8%3AT%3D1732434870%3ART%3D1732434870%3AS%3DALNI_MZhhCrc0tMqU8HJG4STks0zRtr6YA&abxe=1&dt=1732434871840&adxs=1257&adys=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&vis=1&psz=350x-1&msz=350x-1&fws=516&ohw=350&td=1&egid=25769&tan=0589a0e2-bfcc-4ef1-8f0f-0e3c2331c481&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732434869548&idt=2024&adks=1721236132&frm=20&eo_id_str=ID%3Dffdaf148ff274289%3AT%3D1732434870%3ART%3D1732434870%3AS%3DAA-AfjbPDDgHTrEkv243fO5lCyiQ

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c5c86d8f8be75a98c5e74f464e7d9b1d220a1128e552baf77587ec1556afc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 146
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
e5da47b7e63fe12333f661697eddee36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2563 0
0 479ms
70ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e5da47b7e63fe12333f661697eddee36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:54:32 GMT
expires: Sun, 24 Nov 2024 07:54:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8E0E 0
0 234ms
67ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=1283873&predirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=1YNN&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=23835
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Sun, 24 Nov 2024 07:54:32 GMT
expires: Sun, 24 Nov 2024 14:31:47 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 post_ads_ Show response
fundingchoicesmessages.google.com/f/AGSKWxVx9z3N6oL80PTe-IuGofShvvZsppYAYm7oHaSEuSCzVihx8zqnt44SexznoV9_mdsmgpLdEnUhsdiN4CIumV22QNMaQgrUl6soIxGzUlp3m9l7cRkDaD5FGv8-4nlxEMjL4MrtYVN1B6sSzgbwQgrcm_saK... 54 B
108 B 85ms
84ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVx9z3N6oL80PTe-IuGofShvvZsppYAYm7oHaSEuSCzVihx8zqnt44SexznoV9_mdsmgpLdEnUhsdiN4CIumV22QNMaQgrUl6soIxGzUlp3m9l7cRkDaD5FGv8-4nlxEMjL4MrtYVN1B6sSzgbwQgrcm_saKN9aCIclGhmYLuvL6Ub-lLgmJChTS5Kr/_/ad_home_/ads/box300./760x120_/common/ad_/post_ads_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_wall_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

940b3a1f1a9b813f149b3d19e18868dbfabeecec7839cea8b291e7df0aaefaf8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PQYwRpz8B-Jqgws0cucGVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxM2xY3v3LjaBGefu8itpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoaWuoZGMYXGAAA7rFBQg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PQYwRpz8B-Jqgws0cucGVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_wall_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
etag: 2157040660662159465
age: 1440
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 08:30:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 24 Nov 2024 07:30:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15113
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
78ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yzcBoj9O5njN61gevOnrSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoExAxfr7ByALEQN8eO7d272ARuzFwupOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0NLfUMTOMLDADU3iVz"
content-security-policy: script-src 'report-sample' 'nonce-yzcBoj9O5njN61gevOnrSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 175ms
174ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IEOhvDmscRYyhi1LBX21GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBicEqfwRoExAxfr7ByALEQN8eO7d272AQ-XNnmreSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0NLfUMTOMLDAAEvSYY"
content-security-policy: script-src 'report-sample' 'nonce-IEOhvDmscRYyhi1LBX21GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 175ms
171ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pK0ZWLyPoLbF3J88P3BDHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BicEqfwRoExAxfr7ByALEQN8eO7d272AQWdPabKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQ0NDSz0D0_gCAwDCrCU1"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pK0ZWLyPoLbF3J88P3BDHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 171ms
168ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CG78DZS--bPUxsSn_7bMVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBicEqfwRoExAxfr7ByALEQN8eO7d272AQ-PPhuouSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0NLfUMTOMLDAANOSY9"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CG78DZS--bPUxsSn_7bMVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVWL9LgoeVpHIOZalgFWquhHgr__rHWPGrUh-8VRocnq3PRneDx2YyjT3IqS8A5LtH9JoNEwj6j3MDmrdxvpm-HIX4hOKOyJPGMkYB9ZgkNeylz2x1DkrxflnreqtokUdTRyX6cLw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 148ms
146ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVWL9LgoeVpHIOZalgFWquhHgr__rHWPGrUh-8VRocnq3PRneDx2YyjT3IqS8A5LtH9JoNEwj6j3MDmrdxvpm-HIX4hOKOyJPGMkYB9ZgkNeylz2x1DkrxflnreqtokUdTRyX6cLw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNDM0ODcyLDc4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMSw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9teTM2OTM3MS12aW5jY2ktcGFyYWRpZ20tbWFsbC5jb250YWN0LnBhZ2UvIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0NDkyLDMxMDg4NDU0XSw0LDZdIl0sWzE5LCIyIl0sWzEzLCJbXCJEQkFCTH5CVlFxQUFBQUFnXCIsW1s3LFsxNzMyNDM0ODcxLDEwNjEyOTAwMF1dXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08499c92dad7c8c779214d6e7b088224d4249b671366cd0fb82bfb1cea7bd5a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EsPEeUr6wCrp8WNTNdOIoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxM2xY3v3LjaBB1OfWyppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoaWuoZGMYXGAAA_zpBjQ"
content-security-policy: script-src 'report-sample' 'nonce-EsPEeUr6wCrp8WNTNdOIoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 dsp Show response
logs.hhkld.com/logs/event/ 2 B
271 B 335ms
331ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=109401&tids=55104&pos=2&imp=0&run=1&cd=1732434872222&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=3773&t_player_start=1273
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
187 B 214ms
210ms Fetch
text/plain 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1562874717238368&correlator=1835736701837148&eid=31086814%2C31084490&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=21842480936%3A22785811991%2Cca-pub-6846559377126874-tag%2CViads%2C1.0&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=336x280%7C300x250%7C250x250%7C200x200%7C300x100%7C120x240%7C180x150%7C320x50%7C125x125%7C300x50%7C234x60%7C120x60%7C88x31&ifi=9&didk=3684116110&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Da76aed1a88d431c3%3AT%3D1732434870%3ART%3D1732434870%3AS%3DALNI_MbwHAd5SulK_eGsnxKoEfRWKrq88A&gpic=UID%3D00000db39976d5f8%3AT%3D1732434870%3ART%3D1732434870%3AS%3DALNI_MZhhCrc0tMqU8HJG4STks0zRtr6YA&abxe=1&dt=1732434872231&adxs=1257&adys=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&vis=1&psz=350x-1&msz=350x-1&fws=516&ohw=350&td=1&egid=25769&tan=0589a0e2-bfcc-4ef1-8f0f-0e3c2331c482&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732434869548&idt=2024&adks=2671897019&frm=20&eo_id_str=ID%3Dffdaf148ff274289%3AT%3D1732434870%3ART%3D1732434870%3AS%3DAA-AfjbPDDgHTrEkv243fO5lCyiQ

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe685b258b8bf047e40526a5a5b533efd5d4d887aa583f278551c00608a041f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 157
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 60ms
59ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YeIOLSavFf69spxPwLxyyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BicEqfwRoExAxfr7ByALEQD8eO7d272AQmnPw6h1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAABbhJjM"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YeIOLSavFf69spxPwLxyyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXGpPdLdxTvx6GXqhglbGtwyJ28h0ZNq8BD-SmWAC0uBUbgDeD3a-rJViLSbH_iaZnaBHmJZBJw1pBMYP046hPfhAFcz7Q9jnsEIKWkRI1ApbRZu-rS9d2SbHhrKh8d5_Hs6daH5w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
67ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXGpPdLdxTvx6GXqhglbGtwyJ28h0ZNq8BD-SmWAC0uBUbgDeD3a-rJViLSbH_iaZnaBHmJZBJw1pBMYP046hPfhAFcz7Q9jnsEIKWkRI1ApbRZu-rS9d2SbHhrKh8d5_Hs6daH5w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNDM0ODcyLDI5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTEsNiwxNV0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbXkzNjkzNzEtdmluY2NpLXBhcmFkaWdtLW1hbGwuY29udGFjdC5wYWdlLyIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDQ5MiwzMTA4ODQ1NF0sNCw2XSJdLFsxOSwiMiJdLFsxMywiW1wiREJBQkx-QlZRcUFBQUFBZ1wiLFtbNyxbMTczMjQzNDg3MSwxMDYxMjkwMDBdXV1dIl0sWzIsIltudWxsLFtudWxsLDEsWzE3MzI0MzQ4NzIsMTEzMjk4MDAwXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8e3179617fd44649c8138f5115d5a6c146b5aa62a21237b3e8477cfc12c155c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fsmwFVoT7CPQ0SGNEQOybw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxMOxY3v3LjaBA1snLmJU0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0NLTUMzCMLzAAADIMQZw"
content-security-policy: script-src 'report-sample' 'nonce-fsmwFVoT7CPQ0SGNEQOybw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
713 B 258ms
77ms XHR
application/json 3.227.77.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.77.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-77-161.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f31bd36beee4beed720b4620955925d462aec53f39dde0e92d10417ca0d06cd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.14.73
server: Jetty(9.4.38.v20210224)

POST
H3 204 AGSKWxViU4HybhnGUUCL2UJR-PFQGNr2jkc1grmlGXF_06iu7twq6bZakRevmA8HAGa57Cip7YZ610-USsJ-ZBbYPcovflyQPw50wMzSZvxV634Rk20EHZBa35fKqGZdffcaW1c0begHbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 72ms
71ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxViU4HybhnGUUCL2UJR-PFQGNr2jkc1grmlGXF_06iu7twq6bZakRevmA8HAGa57Cip7YZ610-USsJ-ZBbYPcovflyQPw50wMzSZvxV634Rk20EHZBa35fKqGZdffcaW1c0begHbg==?dmid=bb965c8f0e24ba75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nxvZhODFcv0PX7lTp8sN7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BicEqfwRoExAxfr7ByALEQD8eO7d272AQenPl0glHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAAD30Jrc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nxvZhODFcv0PX7lTp8sN7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVELNP-uX1oKM7KPqwnvtHINGQBg8oyDurHBvWwueNzHq-93e2o8NMC8aZVjAEw8MdBPQeWKeK2pat1HeM-50iaJqgh2ZTKec46B64rYGzKA2eEupzE9vTcpd-BclgVD8-98j0n2g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 90ms
90ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVELNP-uX1oKM7KPqwnvtHINGQBg8oyDurHBvWwueNzHq-93e2o8NMC8aZVjAEw8MdBPQeWKeK2pat1HeM-50iaJqgh2ZTKec46B64rYGzKA2eEupzE9vTcpd-BclgVD8-98j0n2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNDM0ODcyLDM3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTEsNiwxNSw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9teTM2OTM3MS12aW5jY2ktcGFyYWRpZ20tbWFsbC5jb250YWN0LnBhZ2UvIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0NDkyLDMxMDg4NDU0XSw0LDZdIl0sWzE5LCIyIl0sWzEzLCJbXCJEQkFCTH5CVlFxQUFBQUFnXCIsW1s3LFsxNzMyNDM0ODcxLDEwNjEyOTAwMF1dXV0iXSxbMiwiW251bGwsW251bGwsMSxbMTczMjQzNDg3MiwxMTMyOTgwMDBdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b22d214902f4d822a62fe4b6591752acdc512852568aafaf96cee553e4cc72ee

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mrUKA8rLIP3talzY0yGSMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxMOxY3v3LjaBA9uuX2BU0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0NLTUMzCMLzAAAEU4Qg8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mrUKA8rLIP3talzY0yGSMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
258 B 505ms
167ms XHR
text/plain 162.19.138.116
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
date: Sun, 24 Nov 2024 07:54:32 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

POST
H3 204 AGSKWxXI08tGfp_lLRV3lqdWFNcK8mnzN7p3qd2wZIq1nH40R4XxjSt7VgWjoFqBPQDANWTQweAGV2Sma40nMyGRKEsHXWKHYjDCJ7xBkdG2VVJ8n7SNjX5ruCd58CGIARSi5YDelQ4CgQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 66ms
62ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXI08tGfp_lLRV3lqdWFNcK8mnzN7p3qd2wZIq1nH40R4XxjSt7VgWjoFqBPQDANWTQweAGV2Sma40nMyGRKEsHXWKHYjDCJ7xBkdG2VVJ8n7SNjX5ruCd58CGIARSi5YDelQ4CgQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HhgXb5LGRbb8HDMV-st8Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0gDi9BmsQUDM8PUKKwcQC_Fw7NjevYtNoOPtxc-MSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjE0NDQUs_ANL7AAAArhSZ-"
content-security-policy: script-src 'report-sample' 'nonce-HhgXb5LGRbb8HDMV-st8Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
59ms XHR
text/html 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBBw1IJHbP6ENfu3SE-45LsWgAkSzWjMIiNKeN02bNk_TGewFutxi5K7YT0RZM-DALSELkdp6yB9pfB0t_9ptOHm7tPTd7qYwTBHWVSGEiNIFhLzN6QOqnJv_xrS_WUScOgq5XeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-APXfCrjPizuMEefq24040Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoExAxfr7ByALEQD8eO7d272ARe7L7-mVHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAADtPJrM"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-APXfCrjPizuMEefq24040Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 424 KB
145 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:32 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148132
date: Sun, 24 Nov 2024 07:54:32 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 581 B
164 B 201ms
198ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05c4a67116122c30f390b002060cb9a2740ce4855b8f39a0596a22a78217c01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:32 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 139
date: Sun, 24 Nov 2024 07:54:32 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame C52E 0
0 37ms
35ms Document
text/html 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 29468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 23:43:24 GMT
expires: Sun, 23 Nov 2025 23:43:24 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 175ms
62ms Script
text/javascript 2607:f8b0:4006:817::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:32 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Sun, 24 Nov 2024 07:54:32 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 dsp Show response
logs.hhkld.com/logs/event/ 2 B
271 B 132ms
130ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=109401&tids=54296&pos=3&imp=0&run=1&cd=1732434872649&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=4201&t_player_start=1701
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F510 45 KB
15 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 1069
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 08:36:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:36:43 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 201 B
465 B 280ms
135ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 609f7e7afda89c65a4b96274e29e4f158efd5cfc9a0d5d454c6a899f32dab1e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201
date: Sun, 24 Nov 2024 07:54:32 GMT
content-type: application/json
x-cloud-trace-context: 6e1662c023b09a2eeb319639c4041f40
server: Google Frontend
access-control-allow-headers: X-Requested-With

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 171ms
52ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ece9b11c35c6f4c79d52163965b624852566b6360a9035de33e58d46c28435d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13217
date: Sun, 24 Nov 2024 07:54:33 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 cp_favicon-0d81a63719bdd7fb5408320af9bfefd3.png
my369371-vincci-paradigm-mall.contact.page/assets/ 2 KB
2 KB 240ms
240ms Other
image/png 3.6.30.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://my369371-vincci-paradigm-mall.contact.page/assets/cp_favicon-0d81a63719bdd7fb5408320af9bfefd3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.6.30.125 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-6-30-125.ap-south-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 374152a78dc026a3d08416c7b82658db2a7138ebe7fc6b0ab6bd9623be0f8005

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

accept-ranges: bytes
content-length: 2265
date: Sun, 24 Nov 2024 07:54:33 GMT
etag: "637e09e1-8d9"
content-type: image/png
last-modified: Wed, 23 Nov 2022 11:54:09 GMT
server: nginx

GET
H2 200 syncframe
gum.criteo.com/ Frame 5499 0
0 176ms
42ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=my369371-vincci-paradigm-mall.contact.page&gdpr=0&gdpr_consent=&gpp=DBABL~BVQqAAAAAg&gpp_sid=7

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:54:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 402071
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 156ms
41ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:54:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:54:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 dsp Show response
logs.hhkld.com/logs/event/ 2 B
271 B 109ms
103ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=109401&tids=55643&pos=4&imp=0&run=1&cd=1732434873584&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=5136&t_player_start=2636
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:33 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 441 B
187 B 218ms
218ms Fetch
text/plain 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1562874717238368&correlator=1835736701837148&eid=31086814%2C31084490&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=22917490941%3A22785811991%2Copamarketplace%2Cdisplaypartner%2Cviaapladsopa%2C1.0&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280%7C300x250%7C250x250%7C200x200%7C300x100%7C120x240%7C180x150%7C320x50%7C125x125%7C300x50%7C234x60%7C120x60%7C88x31&ifi=10&didk=1476770603&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Da76aed1a88d431c3%3AT%3D1732434870%3ART%3D1732434870%3AS%3DALNI_MbwHAd5SulK_eGsnxKoEfRWKrq88A&gpic=UID%3D00000db39976d5f8%3AT%3D1732434870%3ART%3D1732434870%3AS%3DALNI_MZhhCrc0tMqU8HJG4STks0zRtr6YA&abxe=1&dt=1732434873600&adxs=1257&adys=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&vis=1&psz=350x-1&msz=350x-1&fws=516&ohw=350&td=1&egid=25769&tan=0589a0e2-bfcc-4ef1-8f0f-0e3c2331c483&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732434869548&idt=2024&adks=913274102&frm=20&eo_id_str=ID%3Dffdaf148ff274289%3AT%3D1732434870%3ART%3D1732434870%3AS%3DAA-AfjbPDDgHTrEkv243fO5lCyiQ

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3831648d16b211d86d8e8f4523ec0ecfc7b203d4b9713dc9abf9f1518ab9164d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 24 Nov 2024 07:54:33 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 157
x-xss-protection: 0
server: cafe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 2F7E 0
0 125ms
29ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:51:32 GMT
expires: Sun, 24 Nov 2024 08:41:32 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame CC83 0
0 136ms
49ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FSCXNLoN0YhrMrfY8RqdCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FSCXNLoN0YhrMrfY8RqdCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 07:54:33 GMT
expires: Sun, 24 Nov 2024 07:54:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dsp Show response
logs.hhkld.com/logs/event/ 2 B
271 B 105ms
98ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=109401&tids=54179&pos=6&imp=0&run=1&cd=1732434873840&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=5391&t_player_start=2891
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:33 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 cs Show response
rtb.hhkld.com/search/ 11 KB
3 KB 325ms
320ms Fetch
application/json 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.hhkld.com/search/cs?zone=109401&w=350&h=197&vp=4&site=https%3A%2F%2Fmy369371-vincci-paradigm-mall.contact.page%2F&gdpr=0&consent=&pxratio=1&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 6036613340f483796531566b222de04d87bfaa681a3cb625b677fe90cb07e839

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 3074
date: Sun, 24 Nov 2024 07:54:34 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
access-control-allow-headers: Content-Type, *

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 74D9 56 KB
20 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

609f8404e03c0751d7b80cfddfa6c0d434a11dd307a69eec33c6027756ae5d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

content-encoding: gzip
age: 752
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 07:57:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:42:02 GMT
last-modified: Wed, 20 Nov 2024 19:22:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=900
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 20376
x-xss-protection: 0
server: sffe

GET
H2 200 leZ.js Show response
d7jx9sbm8zc2k.cloudfront.net/vtag/ Frame 74D9 19 KB
11 KB 139ms
26ms Script
application/javascript 2600:9000:26fa:9c00:9:a47d:f700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d7jx9sbm8zc2k.cloudfront.net/vtag/leZ.js?zThv=0&UDBa=2q0a6&dFwY=IeOykA2qpfA4NokFS4t2YuithT8tBvIu1ML9xtyoRJo=&dlZt=6825e3ac-45d8-3355-aac6-1739f2eb2983&UXJuj=my369371-vincci-paradigm-mall.contact.page&fpGld=u4s6s9i1-0a3d8e1u6m5-2p9l8l4-5c8p2m2-3r2t4b7-3v8o&nFTB=208.252.80.175&HCve=chrome&PCNtQ=linux&rPdnM={subage}&QJPhB=US&BbeG=1a7t3l2a4r3z4r8c7v3z9c6p2&qUShO=109401809969232&wPXEk=my369371-vincci-paradigm-mall.contact.page_adbb3a75f206101210db7eb80eb0e690&JazTE=9f6d15af2daa26a45fbdc11b4e2ecf54
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:9c00:9:a47d:f700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0041261b27548aa328d958692bbf8919c85d3aa829ec9747a75eef493fe3b73d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"673ff583-4c4d"
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
expires: Tue, 24 Dec 2024 07:54:34 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: vMbhLFKQTrivkYRyOHEUnCSxhG9QXsHbmaMngfyEbXz8d7tdgCI6hQ==
date: Sun, 24 Nov 2024 07:54:34 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 03:07:47 GMT
server: nginx
x-amz-cf-pop: JFK52-P1
vary: Accept-Encoding

POST
H/1.1 200
OK ads.js
redirectlinkway.top/1732434874992/ Frame 74D9 5 KB
4 KB 405ms
280ms XHR
text/html 23.227.200.83
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redirectlinkway.top/1732434874992/ads.js?mod=h&c=206&bid_id=6825e3ac-45d8-3355-aac6-1739f2eb2983&pub=my369371-vincci-paradigm-mall.contact.page&exchange=u4s6s9i1-0a3d8e1u6m5-2p9l8l4-5c8p2m2-3r2t4b7-3v8o&ip=208.252.80.175&browser=chrome&os=linux&subage={subage}&cc=US&time=1a7t3l2a4r3z4r8c7v3z9c6p2&publisher_id=109401809969232&site_id=my369371-vincci-paradigm-mall.contact.page_adbb3a75f206101210db7eb80eb0e690&sec_id=9f6d15af2daa26a45fbdc11b4e2ecf54&xrtb_id=IeOykA2qpfA4NokFS4t2YuithT8tBvIu1ML9xtyoRJo&et2=0x0&ifm_ori=2||my369371-vincci-paradigm-mall.contact.page||my369371-vincci-paradigm-mall.contact.page
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.200.83 New York, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 23-227-200-83.static.hvvc.us
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5DGYfWzshAyw8rPy
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Sun, 24 Nov 2024 07:54:35 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 206
Partial Content 44e36e45-48d1-48c2-b7ef-86cf380f0abb_768_432_1700k.mp4
crcdn09.adnxs-simple.com/creative20/p/15410/2024/1/11/53590396/ 4 MB
0 131ms
24ms Media
video/mp4 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn09.adnxs-simple.com/creative20/p/15410/2024/1/11/53590396/44e36e45-48d1-48c2-b7ef-86cf380f0abb_768_432_1700k.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.1 /
Resource Hash

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-MD5: gI9rhnCXwktZTCntGSFSUw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DC129FDBF078CD
Age: 1548744
Expires: Fri, 29 Nov 2024 08:29:42 GMT
X-Cache: HIT, HIT
Date: Sun, 24 Nov 2024 07:54:35 GMT
Content-Type: video/mp4
Last-Modified: Thu, 11 Jan 2024 12:21:37 GMT
X-Served-By: cache-lga21962-LGA, cache-ewr-kewr1740029-EWR
X-Cache-Hits: 83540, 0
Cache-Control: max-age=3888000
X-Timer: S1732434875.130501,VS0,VE1
Connection: keep-alive
Content-Range: bytes 0-8428429/8428430
x-ms-request-id: 06566b5c-401e-000c-7bdc-1eb664000000
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8428430
x-ms-blob-type: BlockBlob
Server: nginx/1.25.1

GET
H/1.1

200
OK

Primary Request lp1-wifi.php Show response
goldenluckpath.click/bonus/com-us-5490/
Redirect Chain

https://redirectlinkway.top/visit.php?k=f2afb05c93afdb41ca47253b5f27b890&bid_id=6825e3ac-45d8-3355-aac6-1739f2eb2983&browser=chrome&c=206&cc=US&et2=0x0&exchange=ussi-adeum-pll-cpm-rtb-vo&ifm_ori=2%...
https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=K...

160 KB
16 KB

429ms
286ms

Document
text/html

34.74.215.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Requested by: Host: my369371-vincci-paradigm-mall.contact.page
URL: https://my369371-vincci-paradigm-mall.contact.page/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.74.215.184 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.215.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f235f337b36099aedabb04917dd709c307d426807d5e2d55c4325dbd1a70669

Request headers

Referer: https://my369371-vincci-paradigm-mall.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Nov 2024 07:54:35 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding

Redirect headers

Cache-Control: private, no-cache
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Nov 2024 07:54:35 GMT
Location: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United States&region=Washington&city=Kent&isp=MCI Communications Services, Inc. d/b/a Verizon Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 rtb
logs.hhkld.com/logs/event/ 2 B
271 B 105ms
103ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/rtb?event2=imp&sid=109401&tid=112&rid=ct1dneatnms0pgdj77sgXx&price=0.53043&cur=USD&pos=6&imp=1&run=1&t_dsp_request=1606&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=6997&t_player_start=4497&start=3
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:35 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 player
logs.hhkld.com/logs/event/ 2 B
271 B 209ms
208ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/player?vis=99&pos=6&imp=1&event2=impression&run=1&cd=1732434875447&sid=109401&event=rtb&tid=54179&t_dsp_request=1607&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=6998&t_player_start=4498&start=3
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:35 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 rtb
logs.hhkld.com/logs/event/ 2 B
271 B 189ms
188ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/rtb?event2=start&sid=109401&tid=112&rid=ct1dneatnms0pgdj77sgXx&price=0.53043&cur=USD&pos=6&imp=1&run=1&t_dsp_request=1609&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=7000&t_player_start=4500&start=3
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:35 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 player
logs.hhkld.com/logs/event/ 2 B
271 B 208ms
207ms Fetch
text/plain 185.106.140.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/player?event2=start&run=1&cd=1732434875450&sid=109401&event=rtb&tid=54179&t_dsp_request=1610&v=2.29.4&rqid=5c1f688c42c3ec3fc93c6215ba269a5a&t_page_load=7001&t_player_start=4501&start=3
Requested by: Host: cdn.viads.net
URL: https://cdn.viads.net/player/2.29.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.207 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-length: 2
date: Sun, 24 Nov 2024 07:54:35 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 19_ENG0.ts
vi.hhkld.com/vi/ 573 KB
0 188ms
187ms XHR
video/mp2t 141.94.202.179
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://vi.hhkld.com/vi/19_ENG0.ts
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.12/hls.light.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns31491885.ip-141-94-202.eu
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://my369371-vincci-paradigm-mall.contact.page/

Response headers

cache-control: max-age=300, public, max-age=300
access-control-expose-headers: Content-Length,Content-Range
etag: "669685ea-1b0f5c"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Nov 2024 07:59:35 GMT
accept-ranges: bytes
access-control-allow-origin: https://my369371-vincci-paradigm-mall.contact.page
content-length: 1773404
date: Sun, 24 Nov 2024 07:54:35 GMT
content-type: video/mp2t
last-modified: Tue, 16 Jul 2024 14:38:34 GMT
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 bootstrap.min.css
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 187 KB
30 KB 242ms
42ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/bootstrap.min.css
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 7c22aaa9056a74258eaf6019c8fa67bc25e9f0b5ad8666adbf4ef3a6a0731030

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
content-encoding: br
etag: "66274705-2ecd0"
expires: Sun, 27 Oct 2024 04:04:10 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-cachedat: 10/26/2024 16:04:10
vary: Accept-Encoding
content-type: text/css
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=43200
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: e03f17461b4ce9a5e45244f1e3f9a7d4
cdn-pullzone: 2817996
cdn-proxyver: 1.05
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 210ms
27ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155ed"
age: 2428304
x-cache: HIT, HIT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 110169, 75045
x-served-by: cache-lga21978-LGA, cache-ewr-kewr1740048-EWR
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732434876.226041,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
server: nginx

GET
H2 200 main.js Show response
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 3 KB
2 KB 232ms
34ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/main.js
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ef02d77ad1c8cd943c4a497895922f147d71a69819ed78cd40ae4c839bf2f5fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
content-encoding: br
etag: "67191a90-d02"
expires: Sat, 16 Nov 2024 14:10:49 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
last-modified: Wed, 23 Oct 2024 15:47:28 GMT
cdn-cachedat: 11/16/2024 02:10:49
vary: Accept-Encoding
content-type: application/javascript
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=43200
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 31af3cb992eff3497c482b6320df25bf
cdn-pullzone: 2817996
cdn-proxyver: 1.06
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 site-protect.js Show response
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 2 KB
1 KB 231ms
32ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/site-protect.js
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 9b03b0ca1ca957e987aa0b4777c751acf0e8d8814c0a3eb6b017be17872c4ce4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
content-encoding: br
etag: "66f3d4b5-92a"
expires: Sat, 16 Nov 2024 10:05:03 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
last-modified: Wed, 25 Sep 2024 09:15:33 GMT
cdn-cachedat: 11/15/2024 22:05:03
vary: Accept-Encoding
content-type: application/javascript
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=43200
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 6b705e0cacdde3c256056545f40b382a
cdn-pullzone: 2817996
cdn-proxyver: 1.06
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 s23-1.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 21 KB
22 KB 251ms
53ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/s23-1.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 75b661e193af320b485a2e7feead0fedb5a445815e1460ac383ce9e55445febd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-54d7"
expires: Sat, 23 Nov 2024 02:45:16 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 10/24/2024 02:45:16
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 4c7665274b7c5d75e1ead38b201adfe0
cdn-pullzone: 2817996
cdn-proxyver: 1.04
accept-ranges: bytes
content-length: 21719
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 11pro.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 19 KB
20 KB 241ms
43ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/11pro.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 69c1cf13697a284e5d0286a4fe27005964d6e30a2cfc24357fbe4cbdc9f0b31d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-4dec"
expires: Sun, 24 Nov 2024 11:55:14 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 10/25/2024 11:55:14
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 57270fcb4411ecec969a0d5b13fc40be
cdn-pullzone: 2817996
cdn-proxyver: 1.05
accept-ranges: bytes
content-length: 19948
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 amazon.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 6 KB
7 KB 59ms
58ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/amazon.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 4df8d3c8f985ced7135ee56f7f24f939d42545d790a02cc028e3df687489de15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-1926"
expires: Mon, 16 Dec 2024 03:31:35 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/16/2024 03:31:35
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 5bc867deb6a98c85731c1d63730fce19
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 6438
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 visa-1.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 21 KB
21 KB 44ms
44ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/visa-1.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 9456e5077cfa54580e804ee8c841846d884e2dbe394abfbb10bcd3e883a93b0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-5361"
expires: Sat, 14 Dec 2024 00:50:47 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/14/2024 00:50:47
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 7768eb681710984923cdb01ca1dca53d
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 21345
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 walmart-1.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 5 KB
6 KB 32ms
28ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/walmart-1.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: b3877ba40ea2e23144a3f1493a62a44f4ead919cef4a5ced3d9519a4f491c313

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-15a7"
expires: Sun, 15 Dec 2024 22:05:04 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/15/2024 22:05:04
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: cf11e58672941625417f476fbe5e0f2e
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 5543
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 sheinhome750_1.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 14 KB
14 KB 35ms
30ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/sheinhome750_1.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: a08df3908c6997b2c6506ee26452084bb216058c7370c75edae1ec62c1063c8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-36d9"
expires: Fri, 13 Dec 2024 12:02:09 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/13/2024 12:02:09
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 1670875f48836286d653a8a3797ed517
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 14041
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 shell_gas_250_1.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 19 KB
19 KB 33ms
28ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/shell_gas_250_1.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 997b196fa0912e067f252d9f8028d6c4188f03bfa735c567e126195550be33d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-4a1d"
expires: Mon, 16 Dec 2024 03:31:35 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/16/2024 03:31:35
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: ec667a9d0084bb7504a54830527c01e6
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 18973
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 cashapp-1.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 6 KB
7 KB 33ms
29ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/cashapp-1.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 6f5779e97a89c58c476c51d3d9dde7b97b3bb2bf22f2b626d9dd595f80459b13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-19a9"
expires: Fri, 13 Dec 2024 04:57:30 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/13/2024 04:57:30
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 44dadf3797e3341e253a23446214df1c
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 6569
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 applestore.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 17 KB
17 KB 35ms
31ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/applestore.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 2a6be792edc86fdbc9964b7736f9d09304845b27fb30358391d83a31aa2178e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-4270"
expires: Fri, 13 Dec 2024 04:57:30 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/13/2024 04:57:30
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: a8af0759220d074e9375718ae6b7590c
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 17008
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 ps5.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 14 KB
15 KB 36ms
33ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ps5.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: c7eacedf673d12975b833840f986b1f476c73cf2df0b7c38c6d78ec89cd798ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-3993"
expires: Mon, 23 Dec 2024 04:29:36 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/23/2024 04:29:36
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 40c58982c0ea007ea03502c9f5f162f2
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 14739
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 netflix.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 9 KB
10 KB 35ms
32ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/netflix.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: d128304c0e7130093f9bfe090327935f9299231878d65d9f449aa54609b09afc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-2599"
expires: Mon, 23 Dec 2024 04:29:36 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/23/2024 04:29:36
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 6660502d53cd999ccdc0f7e1d405138f
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 9625
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 ssgif.jpg
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 23 KB
23 KB 40ms
37ms Image
image/jpeg 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ssgif.jpg
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 69e776baf1b4e5fd5d3ce142b52ce8afad9ef56f03c2ce9ff70650e66e309e0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-5a76"
expires: Fri, 13 Dec 2024 12:02:12 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/jpeg
cdn-cachedat: 11/13/2024 12:02:12
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 6b5ec943b9f2942b7605a9f0d1b4d8dc
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 23158
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 rta.gif
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 2 KB
2 KB 41ms
38ms Image
image/gif 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/rta.gif
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-752"
expires: Mon, 23 Dec 2024 04:29:36 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/gif
cdn-cachedat: 11/23/2024 04:29:36
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 69ff9e0131975f6fecb8c8d9c6294046
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 1874
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H/1.1 200
OK ctrack.php
goldenluckpath.click/ 43 B
297 B 103ms
101ms Image
image/gif 34.74.215.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldenluckpath.click/ctrack.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&t=0.18203362097401077
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.74.215.184 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.215.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache
Content-Encoding: gzip
Connection: keep-alive
Date: Sun, 24 Nov 2024 07:54:36 GMT
Content-Type: image/gif
Vary: Accept-Encoding
Server: nginx

GET push.js
goldenluckpath.click/push/ 0
0

GET
H2 200 verizon-ico.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 2 KB
2 KB 40ms
39ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/verizon-ico.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 90793662f8c87ef50ca3ea4bb817a0525d148c5ad2e51b5efdcf3d2b48262100

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-7ee"
expires: Mon, 23 Dec 2024 04:29:38 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/23/2024 04:29:38
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: c0044f52d591f486c4ebb852a394fb90
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 2030
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 verizon-logo-2.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 2 KB
3 KB 41ms
39ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/verizon-logo-2.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 1a047d6d649b30c91de9b3b2112fb21b0a054e3d06e963a0053bbbf78a4bf2d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-90d"
expires: Mon, 25 Nov 2024 16:03:45 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 10/26/2024 16:03:45
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: f4a992789a546f333105e1ccd1027180
cdn-pullzone: 2817996
cdn-proxyver: 1.05
accept-ranges: bytes
content-length: 2317
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 verizon-line.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 953 B
1 KB 23ms
23ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/verizon-line.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: d7bcfe3b3a2e7ff7aed720e76a464a9e642b4534f3dcb2f3a6dbab24420b6c58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-3b9"
expires: Fri, 13 Dec 2024 12:03:47 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/13/2024 12:03:47
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 621a98690f043d75a9fbf9abddcce76e
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 953
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 verizon-logo.png
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 4 KB
4 KB 31ms
31ms Image
image/png 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/verizon-logo.png
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/lp1-wifi.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: cc3dc51ae419ed3cfacc49a7a818d3f71baa612874a87e32268995374a96c275

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-fb2"
expires: Sat, 14 Dec 2024 00:50:46 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/png
cdn-cachedat: 11/14/2024 00:50:46
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: c34e65c5484a94c993dd7f18b6c1715b
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 4018
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

GET
H2 200 sprites.gif
global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/ 11 KB
11 KB 29ms
27ms Image
image/gif 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global-cdn-cc.b-cdn.net/bonus/com-us-5490/carrier/sprites.gif
Requested by: Host: goldenluckpath.click
URL: https://goldenluckpath.click/bonus/com-us-5490/global-bb.php?c=5vz1an73sz5hz2&k=77d4f9dcc90dcd3c5e416c067659f0ce&country_code=US&carrier=Verizon&country_name=United%20States&region=Washington&city=Kent&isp=MCI%20Communications%20Services,%20Inc.%20d/b/a%20Verizon%20Business&lang=en&os=&osv=&browser=Chrome&browserv=130&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ded015b0c608cddc09e9d439f9de0f596f29b79edc6c8f8bf528d4fbdb1b1735

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://goldenluckpath.click/

Response headers

cdn-status: 200
etag: "66274705-2aaf"
expires: Sat, 14 Dec 2024 00:50:56 GMT
date: Sun, 24 Nov 2024 07:54:36 GMT
content-type: image/gif
cdn-cachedat: 11/14/2024 00:50:56
last-modified: Tue, 23 Apr 2024 05:28:37 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a67bb967-947d-435a-99a7-9a09d827c450
cdn-requestid: 4827be9d6daf82d8d5ba25c3c9db63a1
cdn-pullzone: 2817996
cdn-proxyver: 1.06
accept-ranges: bytes
content-length: 10927
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: US

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=1562874717238368&bg=!8POl87zNAAaIaF9IqGg7ADQBe5WfODtOQn6TADXOrlh1conGbF0wEluBpqhJ_UXsU37gj-7eXooE17AX2QXE3i9M799nAgAAAF5SAAAAA2gBB34ANveelLFVjrXYOKO5T62NDnC4pu2L0fX2RPE_G81J2bKA6s5z-0KueHADoRpxYIsWBqgDAUE1X5kCr7Lspgz-ZBJZRonMKbTg_VFsfuBumn5PJkvMljBo0hGQQ1VZRuiaZYuRwgVZQH4-6fzgzc-3s2lRECb24I2o8wkSd-TvZ2ZaOMFKqAS1nV0JdDEEpj_qA7hCZAapZ01sQwwxqW-9tiEiqi7PkqntqvBYe6fXHA_bIJL9ty1E6DPYp5pEy6Phv0cq5buG4NbogOa_TN_BQL-jjfMnoSogi4gjuhuzjlnKN-mMhfOm62Ff2v42ITmC7zp8oMUI5RYSOVO_adkAOBf38i0uApl043TXZRZQpvciur4R4loHp6vxggMxoH-Bh66_CQ8k45KdusPejIUpT_M0LwxCO-5PHv5j2S2cDLCKO23jrFu9LKKXjivH2zgfNpf_4PTFFtkr8xM70Vjw01EqyQpIEvuoIW22vHEbjegrDUfvUcYEm33aApCfeKWk2gSjwLxxf92m-DwyxNRWNXBLVIrsL9VdebH4Av6HbI0Jas9yKzHlM4sABqJEWl8KED5GI9B9dGCua7G2neWF-7DafAmxLdhU2w_i66VYTLuwk_AbXktPqWNg08cD85xkSWTQZL0sweg_tDAs142qlOhiiEGaT7u4_Brdhuj1QNOuHtlE-BLyizYqRxDu-l7bSoWFYK069d2R0zokUrzLXNYD10782fLXlzkOV0EAOPNeRF5JzSiBEIgj96UoC52zWn4nL9Df8npZdAPwn41hoOgeZ4mcwXQYvc8ZSTKIrHx_EZt4TlZg0TY0nYcLL2zzZl2CeHFOCJZaOUqP2Cu8GZg3yCM_cObOfqqGXAatqdJgfYaX8LyKPLVGyIoz3BNe8hAXNmGb6VSagpVrom95_R8EA3T1lFYQ2TdUenGqEv4GcwTnUa7_2Q2HvHoPpT-3Z2uAR224dbNk1bVGfcZzZcqZFJLdHRckrg

Domain: goldenluckpath.click
URL: https://goldenluckpath.click/push/push.js

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

139 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 03:23:30	Name: pid Value: 7966430002706184805
.contact.page/	1970-01-21 10:49:54	Name: _ga Value: GA1.1.1450241214.1732434870
.player.viads.com/	1970-01-21 09:59:30	Name: uid Value: CmX/RGdC27UTO4SFKMD/Ag==
.contact.page/	1970-01-21 10:35:30	Name: __gads Value: ID=a76aed1a88d431c3:T=1732434870:RT=1732434870:S=ALNI_MbwHAd5SulK_eGsnxKoEfRWKrq88A
.contact.page/	1970-01-21 10:35:30	Name: __gpi Value: UID=00000db39976d5f8:T=1732434870:RT=1732434870:S=ALNI_MZhhCrc0tMqU8HJG4STks0zRtr6YA
.contact.page/	1970-01-21 05:33:06	Name: __eoi Value: ID=ffdaf148ff274289:T=1732434870:RT=1732434870:S=AA-AfjbPDDgHTrEkv243fO5lCyiQ
player.viads.com/	1970-01-21 01:25:26	Name: sync6 Value: %7B%22richau%22%3A%5B1%2C1732434870%5D%7D
.doubleclick.net/	1970-01-21 10:49:54	Name: IDE Value: AHWqTUka8mxmOsd7WX2cZu9XmBM78pFksEO_w-cOwJKTHtu57myEIK7L-XHr5Y7lqoY
.hhkld.com/	1970-01-21 09:59:30	Name: uid Value: CmX+hGdC27Yv35H+nboPAg==
.adkernel.com/	1969-12-31 23:59:59	Name: SSPZ Value: 201966
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_3 Value: 622821
.adkernel.com/	1970-01-21 01:57:06	Name: ADKUID Value: A1490592139165956810
.a-mo.net/	1970-01-21 09:59:30	Name: amuid2 Value: a8ca1763-f60a-447d-8236-0ff9b37295cc
.a-mo.net/	1970-01-21 09:59:30	Name: pamuid2 Value: a8ca1763-f60a-447d-8236-0ff9b37295cc
.prebid.a-mo.net/	1970-01-21 09:59:30	Name: psd_amuid2 Value: a8ca1763-f60a-447d-8236-0ff9b37295cc
.prebid.a-mo.net/	1970-01-21 09:59:30	Name: sd_amuid2 Value: a8ca1763-f60a-447d-8236-0ff9b37295cc
.onetag-sys.com/	1970-01-21 10:43:41	Name: OTP Value: G1cYA6KMXqhEYdlEFWrOTKfwqSOqqioF4yjrgWfPx3A
.bidswitch.net/	1970-01-21 09:59:30	Name: tuuid Value: 8c0b5cd1-4100-43af-ab76-c003881d86bb
.bidswitch.net/	1970-01-21 09:59:30	Name: c Value: 1732434871
.bidswitch.net/	1970-01-21 09:59:30	Name: tuuid_lu Value: 1732434871
.adform.net/	1970-01-21 02:40:18	Name: uid Value: 3843190882710302836
.rubiconproject.com/	1970-01-21 03:23:30	Name: receive-cookie-deprecation Value: 1
cookies.nextmillmedia.com/	1970-01-21 01:23:59	Name: NMUID Value: 4bfde5dc-f4bd-4b3d-a42f-85e78afe7e1c
.admanmedia.com/	1970-01-21 01:34:02	Name: admtr Value: fc6e4ea1-2857-4552-b799-def10d638b39
.admanmedia.com/	1970-01-21 01:34:02	Name: ac_r Value: CS253
.adnxs.com/	1970-01-21 10:49:54	Name: receive-cookie-deprecation Value: 1
.mfadsrvr.com/	1970-01-21 09:59:30	Name: tuuid Value: 54c94267-4f5f-4a1e-a6cf-a79406f83003
.mfadsrvr.com/	1970-01-21 09:59:30	Name: c Value: 1732434871
.mfadsrvr.com/	1970-01-21 09:59:30	Name: tuuid_lu Value: 1732434871
.pubmatic.com/	1970-01-21 09:59:30	Name: KADUSERCOOKIE Value: 04FF276E-CE15-4E5E-8AA9-DCC5A4A03874
.contextweb.com/	1970-01-21 09:52:18	Name: V Value: NRVuoRiTsUD1
.contextweb.com/	1970-01-21 09:52:18	Name: VP Value: part_NRVuoRiTsUD1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 567721af0b0bca11
.server.cpmstar.com/	1970-01-21 10:35:30	Name: USER_ID Value: %a4%cae%88%23%1dP%ef%09%1d%06)%1e%a4%00
.criteo.com/	1970-01-21 10:35:30	Name: receive-cookie-deprecation Value: 1
.33across.com/	1970-01-21 09:59:30	Name: 33x_ps Value: u%3D212674169855451%3As1%3D1732434871540%3Ats%3D1732434871540
.3lift.com/	1970-01-21 03:23:30	Name: tluidp Value: 2171371986349197763854
.3lift.com/	1970-01-21 03:23:30	Name: tluid Value: 2171371986349197763854
.casalemedia.com/	1970-01-21 09:59:30	Name: CMID Value: Z0Lbt9HM6FIAAH5zARKIoQAA
.casalemedia.com/	1970-01-21 03:23:30	Name: CMPS Value: 530
.casalemedia.com/	1970-01-21 03:23:30	Name: CMPRO Value: 530
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: onetag Value: eyJ1aWQiOiJHMWNZQTZLTVhxaEVZZGxFRldyT1RLZndxU09xcWlvRjR5anJnV2ZQeDNBIiwiZXhwaXJlcyI6IjIwMjQtMTItMDhUMDc6NTQ6MzEuNjM1OTg2NTk3WiJ9
.rubiconproject.com/	1970-01-21 09:59:30	Name: khaos Value: M3VAZQ5T-18-1Z54
.rubiconproject.com/	1970-01-21 09:59:30	Name: khaos_p Value: M3VAZQ5T-18-1Z54
.openx.net/	1970-01-21 09:59:30	Name: i Value: 29df5c70-4c79-4502-bd07-d5881e413f0f\|1732434871
.yieldmo.com/	1970-01-21 09:59:30	Name: yieldmo_id Value: VFV1cwwlL1wAflUhQxDA%7C1732406400000%7C0
.adx.opera.com/	1970-01-21 09:59:30	Name: UID Value: OPU4095c971349d4032822e4bb56086b394
.lijit.com/	1970-01-21 09:59:30	Name: ljt_reader Value: JuB6ALZH8RLw7cSQTluQtG5S
.pubmatic.com/	1970-01-21 03:23:30	Name: KRTBCOOKIE_80 Value: 22987-CAESENKVRhyN-SXMVfMGTa8PGKs&KRTB&16514-CAESENKVRhyN-SXMVfMGTa8PGKs&KRTB&23025-CAESENKVRhyN-SXMVfMGTa8PGKs&KRTB&23386-CAESENKVRhyN-SXMVfMGTa8PGKs
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: grid Value: eyJ1aWQiOiI4YzBiNWNkMS00MTAwLTQzYWYtYWI3Ni1jMDAzODgxZDg2YmIiLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMS43NjYxOTA0OTRaIn0=
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.rfihub.com/	1970-01-21 10:35:30	Name: eud Value: H4sIAAAAAAAA_1vFwmtobmxkYmxiYW5oYWQEALttT5EQAAAA
.rfihub.com/	1970-01-21 10:35:30	Name: rud Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE2MjE3MjU0MrWwEOIz1DUK9w009Mz1zQvyKwAATPldtSQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE2MjE3MjU0MrWwEOIz1DUK9w009Mz1zQvyKwAATPldtSQAAAA
.adsrvr.org/	1970-01-21 09:59:30	Name: TDID Value: b8643b56-a5c2-497f-bea7-b541ac1284bd
.csync.loopme.me/	1970-01-21 03:26:23	Name: viewer_token Value: 5da89e28-7096-4019-9349-b5ed9caf2db7
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: triplelift Value: eyJ1aWQiOiIyMTcxMzcxOTg2MzQ5MTk3NzYzODU0IiwiZXhwaXJlcyI6IjIwMjQtMTItMDhUMDc6NTQ6MzEuOTIyMDI3ODg1WiJ9
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: yieldmo Value: eyJ1aWQiOiJWRlYxY3d3bEwxd0FmbFVoUXhEQSIsImV4cGlyZXMiOiIyMDI0LTEyLTA4VDA3OjU0OjMxLjkyMjA0MTE5NloifQ==
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: openx Value: eyJ1aWQiOiJjM2FkZWNlNi01YzYxLTQ5MWMtOGM1ZC1kZDc1ZmIzZGNlN2YiLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMS45MjMzNDM3NjlaIn0=
.tynt.com/	1970-01-21 09:59:30	Name: uid Value: JljebmdC27fZPZQVS85yUw==
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: loopme Value: eyJ1aWQiOiI1ZGE4OWUyOC03MDk2LTQwMTktOTM0OS1iNWVkOWNhZjJkYjciLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMi4xNzQ5ODk5NDdaIn0=
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: sovrn Value: eyJ1aWQiOiJKdUI2QUxaSDhSTHc3Y1NRVGx1UXRHNVMiLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMi4yNzY1MjYxNjhaIn0=
.a-mx.com/	1970-01-21 09:59:30	Name: amdt_t Value: p::1732434872342
.a-mx.com/	1970-01-21 09:59:30	Name: amuid2 Value: a8ca1763-f60a-447d-8236-0ff9b37295cc
.contact.page/	1970-01-21 10:35:30	Name: FCCDCF Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B13%2C%22%5B%5C%22DBABL~BVQqAAAAAg%5C%22%2C%5B%5B7%2C%5B1732434871%2C106129000%5D%5D%5D%5D%22%5D%5D%5D
.contact.page/	1970-01-21 09:59:30	Name: FCNEC Value: %5B%5B%22AKsRol_4I1Swr1UDJtqE2n22-6m7T9MH7gZq9NM8nHASHRgo7WmRouD78ZeCyeHqqZe8WmYbmzBBdlFB0LD3G5bF14Y-rxVK-dcr_34yi-6aA3PdBLmPaCBvAEh7p5M91qI3Ec5SO6NW8H_NsVKd60jsL0zbyrk5SA%3D%3D%22%5D%2Cnull%2C%5B%5B2%2C%22%5Bnull%2C%5Bnull%2C1%2C%5B1732434872%2C113298000%5D%5D%5D%22%5D%5D%5D
.tynt.com/	1970-01-21 03:23:30	Name: pids Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1732434872514%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1732434872514%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1732434872514%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1732434872514%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1732434872514%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1732434872514%7D%5D
.crwdcntrl.net/	1970-01-21 07:42:40	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 07:42:40	Name: _cc_id Value: e040c3ac71730bab093aaab671c48752
.contact.page/	1970-01-21 01:13:54	Name: lotame_domain_check Value: contact.page
.contact.page/	1970-01-21 07:42:42	Name: _cc_id Value: e040c3ac71730bab093aaab671c48752
.contact.page/	1970-01-21 01:23:59	Name: panoramaId_expiry Value: 1733039672509
.contact.page/	1970-01-21 01:23:59	Name: panoramaId Value: 2ce435442007b01174b43a89c542185ca02c8d85cf60377817d35b7cb1b71832
.contact.page/	1970-01-21 01:23:59	Name: panoramaIdType Value: panoDevice
.doubleclick.net/	1970-01-21 05:33:06	Name: APC Value: AfxxVi413k3GfawXcjbi8KOrpWqjwXOKqI8qpq3KCCs-sagDIA9n4Q
.doubleclick.net/	1970-01-21 05:33:06	Name: receive-cookie-deprecation Value: 1
.rtb.mx/	1970-01-21 09:59:30	Name: amdt_t Value: p::1732434872583
.rtb.mx/	1970-01-21 09:59:30	Name: amuid2 Value: a8ca1763-f60a-447d-8236-0ff9b37295cc
.krushmedia.com/	1970-01-21 01:34:04	Name: krm_usr Value: 57f40788-510a-5e8d-9c7b-78df359b3528
.krushmedia.com/	1970-01-21 01:34:04	Name: krm_r Value: 615
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: 33across Value: eyJ1aWQiOiIyMTI2NzQxNjk4NTU0NTEiLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMi44Mjc3OTc0MzdaIn0=
.betweendigital.com/	1970-01-21 09:59:30	Name: dc Value: was1
.betweendigital.com/	1970-01-21 09:59:30	Name: tuuid Value: 1b40698e-e8f2-5349-ae54-b4aec9166f16
.betweendigital.com/	1970-01-21 09:59:30	Name: ss Value: 1
.yahoo.com/	1970-01-21 09:59:52	Name: A3 Value: d=AQABBLjbQmcCEM8jFaiqc7Av2ITxzoiT9mgFEgEBAQEtRGdMZ9xH0iMA_eMAAA&S=AQAAApPq-QrXdmsKS5idY59rZ08
.betweendigital.com/	1970-01-21 09:59:30	Name: ut Value: Z0LbuAANMugcEXyRcT5EDaMKCv1zDWbQCE3MCA==
.doubleclick.net/	1970-01-21 01:57:06	Name: ar_debug Value: 1
.amazon-adsystem.com/	1970-01-21 10:49:54	Name: ad-privacy Value: 0
cookies.nextmillmedia.com/	1970-01-21 01:23:59	Name: syncedBidders Value: {"33across":1,"grid":1,"loopme":1,"onetag":1,"rubicon":1,"sovrn":1,"triplelift":1}
cookies.nextmillmedia.com/	1969-12-31 23:59:59	Name: lastSync Value: 2024-11-24 07:54:33
.pubmatic.com/	1970-01-21 03:23:30	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-21 03:23:30	Name: DPSync4 Value: 1733616000%3A197_219_226%7C1733011200%3A164
.pubmatic.com/	1970-01-21 03:23:30	Name: SyncRTB4 Value: 1733011200%3A223_15%7C1733616000%3A71_104_201_21_54_3_220_13_250
.adsrvr.org/	1970-01-21 09:59:30	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCISpysDomcY9EAUSFwoIcHVibWF0aWMSCwiyiqvB6JnGPRAFGAEgASgCMgsIyICu7v6Zxj0QBTgBWghwdWJtYXRpY2AC
.analytics.yahoo.com/	1970-01-21 09:59:30	Name: IDSYNC Value: "190u~2m07:18z8~2m07"
.bidr.io/	1970-01-21 10:42:24	Name: bito Value: AANVMk7OhbcAABuEsmR9iQ
.bidr.io/	1970-01-21 10:42:24	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-21 03:23:30	Name: KRTBCOOKIE_377 Value: 6810-b8643b56-a5c2-497f-bea7-b541ac1284bd&KRTB&22918-b8643b56-a5c2-497f-bea7-b541ac1284bd&KRTB&22926-b8643b56-a5c2-497f-bea7-b541ac1284bd&KRTB&23031-b8643b56-a5c2-497f-bea7-b541ac1284bd
.pubmatic.com/	1970-01-21 01:57:06	Name: PugT Value: 1732434873
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: rubicon Value: eyJ1aWQiOiJNM1ZBWlE1VC0xOC0xWjU0IiwiZXhwaXJlcyI6IjIwMjQtMTItMDhUMDc6NTQ6MzMuMTQyMzU2Nzk0WiJ9
pbs.nextmillmedia.com/	1970-01-21 03:23:30	Name: uids Value: eyJ0ZW1wVUlEcyI6eyIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTI2NzQxNjk4NTU0NTEiLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMi44NTk5OTIyODZaIn0sImdyaWQiOnsidWlkIjoiOGMwYjVjZDEtNDEwMC00M2FmLWFiNzYtYzAwMzg4MWQ4NmJiIiwiZXhwaXJlcyI6IjIwMjQtMTItMDhUMDc6NTQ6MzEuODE4Nzc3Nzk0WiJ9LCJsb29wbWUiOnsidWlkIjoiNWRhODllMjgtNzA5Ni00MDE5LTkzNDktYjVlZDljYWYyZGI3IiwiZXhwaXJlcyI6IjIwMjQtMTItMDhUMDc6NTQ6MzIuMjUxNTQwNzgyWiJ9LCJvbmV0YWciOnsidWlkIjoiRzFjWUE2S01YcWhFWWRsRUZXck9US2Z3cVNPcXFpb0Y0eWpyZ1dmUHgzQSIsImV4cGlyZXMiOiIyMDI0LTEyLTA4VDA3OjU0OjMxLjY4MjE5NDgwNloifSwicnViaWNvbiI6eyJ1aWQiOiJNM1ZBWlE1VC0xOC0xWjU0IiwiZXhwaXJlcyI6IjIwMjQtMTItMDhUMDc6NTQ6MzMuMTczMzgxMDc2WiJ9LCJzb3ZybiI6eyJ1aWQiOiJKdUI2QUxaSDhSTHc3Y1NRVGx1UXRHNVMiLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMi4zODQ3NzU4MTJaIn0sInlpZWxkbW8iOnsidWlkIjoiVkZWMWN3d2xMMXdBZmxVaFF4REEiLCJleHBpcmVzIjoiMjAyNC0xMi0wOFQwNzo1NDozMS45ODIxMzI0MjFaIn19fQ==
.linkedin.com/	1970-01-21 09:59:30	Name: bcookie Value: "v=2&409495bb-24ec-4a87-892f-586252c93b30"
.linkedin.com/	1970-01-21 01:15:21	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2913:u=1:x=1:i=1732434873:t=1732521273:v=2:sig=AQGKB68ZgBsaRaJoJX43utZ6KRGLOlGn"
.rlcdn.com/	1970-01-21 09:59:30	Name: rlas3 Value: 7szuPgdhUfxh7l4YKARiboQT2Qjq/OEjtogdWBpt1cQ=
.pubmatic.com/	1970-01-21 01:57:06	Name: KRTBCOOKIE_279 Value: 22890-b1595e21-865c-4d00-a1fb-11b8497ba148&KRTB&23011-b1595e21-865c-4d00-a1fb-11b8497ba148&KRTB&23355-b1595e21-865c-4d00-a1fb-11b8497ba148
.ipredictive.com/	1970-01-21 09:59:30	Name: cu Value: 2a3a077f-ff0d-46a0-a8cd-601b790f176b\|1732434873266
.rlcdn.com/	1970-01-21 02:40:18	Name: pxrc Value: CLm3i7oGEgUI6AcQABIFCOhHEAA=
.simpli.fi/	1970-01-21 10:00:57	Name: suid Value: 0165C35A054F4106975079EFB6A4240A
.semasio.net/	1970-01-21 09:59:30	Name: SEUNCY Value: B860773BEF38C231
.pubmatic.com/	1970-01-21 01:57:06	Name: KRTBCOOKIE_148 Value: 19421-uid:0165C35A054F4106975079EFB6A4240A&KRTB&23486-uid:0165C35A054F4106975079EFB6A4240A&KRTB&23489-uid:0165C35A054F4106975079EFB6A4240A&KRTB&23539-uid:0165C35A054F4106975079EFB6A4240A
.tapad.com/	1970-01-21 02:40:18	Name: TapAd_TS Value: 1732434873350
.tapad.com/	1970-01-21 02:40:18	Name: TapAd_DID Value: 52231b03-b490-439d-9214-11fee17642ef
.dotomi.com/	1970-01-21 01:13:54	Name: DotomiTest Value: 4e919cf2559405a9
.tapad.com/	1970-01-21 02:40:18	Name: TapAd_3WAY_SYNCS Value:
.pippio.com/	1970-01-21 09:59:30	Name: did Value: j1gJM1lEcwcEmvoU
.pippio.com/	1970-01-21 09:59:30	Name: didts Value: 1732434873
.pippio.com/	1970-01-21 02:40:18	Name: nnls Value:
.pippio.com/	1970-01-21 02:40:18	Name: pxrc Value: CLm3i7oGEgYIgr0rEAA=
.pubmatic.com/	1970-01-21 03:23:30	Name: KRTBCOOKIE_32 Value: 11175-AQADRS6etK5rnQJwxG5xAQEBAQEBAQCSXCtNfAEBAJJcK018&KRTB&22715-AQADRS6etK5rnQJwxG5xAQEBAQEBAQCSXCtNfAEBAJJcK018&KRTB&23519-AQADRS6etK5rnQJwxG5xAQEBAQEBAQCSXCtNfAEBAJJcK018&KRTB&23632-AQADRS6etK5rnQJwxG5xAQEBAQEBAQCSXCtNfAEBAJJcK018
.sharethrough.com/	1970-01-21 01:57:06	Name: stx_user_id Value: 75647983-36f7-4b65-b4f0-27b1df44e6ad
.onaudience.com/	1970-01-21 09:59:30	Name: cookie Value: f2f211633bfc752d
.onaudience.com/	1970-01-21 01:15:21	Name: done_redirects236 Value: 1
.amazon-adsystem.com/	1970-01-21 06:29:16	Name: ad-id Value: A82WM8qlY0xahhuGgfdKir8
.criteo.com/	1970-01-21 10:35:30	Name: uid Value: 117f49e9-49db-4c95-88ab-b898e1a459e5
.linkedin.com/	1970-01-21 03:23:30	Name: li_sugr Value: 518b6c06-68d2-4dd7-bf76-c6ba321fc696
.rubiconproject.com/	1970-01-21 09:59:30	Name: audit_p Value: 1\|cywZTXfsbrrcypA2v6sUdMyOzoXayhFHgH0Pcv5+57ftSRNyoMFDqHy36TVWNXP9rA480FF+NvMkEa5N2k7U1SEEFoCDRlfY5yJVyavxcLjGOj3eOeYthuXJgMYu/vVdaPPeOixKWnurfEyPMKyhoUkpxrTgiz1lPzz007rtfGA=
.rubiconproject.com/	1970-01-21 09:59:30	Name: audit Value: 1\|cywZTXfsbrrcypA2v6sUdMyOzoXayhFHgH0Pcv5+57ftSRNyoMFDqHy36TVWNXP9rA480FF+NvMkEa5N2k7U1SEEFoCDRlfY5yJVyavxcLjGOj3eOeYthuXJgMYu/vVdaPPeOixKWnurfEyPMKyhoUkpxrTgiz1lPzz007rtfGA=
.eyeota.net/	1970-01-21 09:59:30	Name: mako_uid Value: 1935d2a4db1-35050000010a5498
.eyeota.net/	1970-01-21 01:13:55	Name: SERVERID Value: 21656~DM
.contact.page/	1970-01-21 10:35:30	Name: cto_bundle Value: awoBWl9vRm9ObzdGMUxhd3U2eEFaTnlUQWtVSm1OQnp0SUNxMnF0MWIzJTJCdEJwNU90SVM3d2UlMkZQNUdjZGxtMlR2RGJ4bDJJTk5iaUhndEhjRDEydEN0MWtGQW04YjdSM0pUZE10UWpNNlhaRktRamk1eHBxb01vMk5BZ2hxdVl2U3o1YzYxJTJCTGRuUUQ0VktJWHJIZ1NrcVJQQjh0QlJ4UW9ZY3h0cXhGbDFySTI2QlUlM0Q
.pubmatic.com/	1970-01-21 01:57:06	Name: SPugT Value: 1732434873
redirectlinkway.top/	1970-01-21 01:58:33	Name: fc_t_206 Value: 1732434875_1732434875_1732434875_1732434875_1732434875
redirectlinkway.top/	1970-01-21 01:58:33	Name: fc_n_206 Value: 1_1_1_1_1
redirectlinkway.top/	1970-01-21 01:57:06	Name: c Value: 5vz1an73sz5hz2
redirectlinkway.top/	1970-01-21 01:57:06	Name: k Value: 77d4f9dcc90dcd3c5e416c067659f0ce
.adeum-rtb.com/	1970-01-21 01:57:06	Name: lluid Value: 8d4d2ee6-845e-66c7-4048-bc0d4195d1b9
goldenluckpath.click/	1970-01-21 01:58:33	Name: lfc_t_192_206 Value: 1732434875_1732434875_1732434875_1732434875_1732434875
goldenluckpath.click/	1970-01-21 01:58:33	Name: lfc_n_192_206 Value: 1_1_1_1_1
.contact.page/	1970-01-21 10:49:54	Name: _ga_Z7GJYTLSNH Value: GS1.1.1732434869.1.0.1732434876.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://my369371-vincci-paradigm-mall.contact.page/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A03B022C1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.viads.net
cdnjs.cloudflare.com
clients1.google.com
cm.adform.net
code.jquery.com
cookies.nextmillmedia.com
crcdn09.adnxs-simple.com
cse.google.com
d7jx9sbm8zc2k.cloudfront.net
e5da47b7e63fe12333f661697eddee36.safeframe.googlesyndication.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global-cdn-cc.b-cdn.net
goldenluckpath.click
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
lh3.googleusercontent.com
logs.hhkld.com
my369371-vincci-paradigm-mall.contact.page
oa.openxcdn.net
onetag-sys.com
pagead2.googlesyndication.com
player.viads.com
prebid.a-mo.net
redirectlinkway.top
rtb.hhkld.com
s0.2mdn.net
securepubads.g.doubleclick.net
server.cpmstar.com
static.criteo.net
sync.adkernel.com
sync.richaudience.com
tags.crwdcntrl.net
vi.hhkld.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
ep1.adtrafficquality.google
goldenluckpath.click
108.138.128.28
125.253.89.184
131.153.170.220
135.148.55.236
141.94.202.179
148.251.40.113
151.101.193.108
162.19.138.116
174.137.133.32
185.106.140.206
185.106.140.207
23.227.200.83
23.51.57.13
2600:9000:26fa:9c00:9:a47d:f700:21
2606:4700:10::6816:3456
2606:4700::6811:180e
2607:f8b0:4006:806::2001
2607:f8b0:4006:809::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::2006
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2620:100:a00b::12
2620:100:a00b::4
2a02:6ea0:c454::1
2a04:4e42:200::485
2a04:4e42:400::649
3.227.77.161
3.6.30.125
34.102.146.192
34.74.215.184
34.96.70.87
35.190.39.111
35.211.202.130
37.157.4.29
51.222.39.186
0041261b27548aa328d958692bbf8919c85d3aa829ec9747a75eef493fe3b73d
04d7680153f937c469e7f9ffaebb9481e33877a34c7b864eabd9c782854dc4ab
05c4a67116122c30f390b002060cb9a2740ce4855b8f39a0596a22a78217c01e
071308df45ac045a465a400a383015db9ea252755a7dd63b07e0b56e70f6fd74
08499c92dad7c8c779214d6e7b088224d4249b671366cd0fb82bfb1cea7bd5a1
087dea2b36c9b25159c7b46f50f94c16bdcf51c33290cd75871218fc25e051ff
1098ed4396a0c57ae11ebe521193d6f9e99c5aa6f562f63f51aa8ee6dd294034
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930
1527fcdc91369944abe4b7518604b7f8ceed4f0a98f5fe78be70927a3ef7a8b7
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
18268689d4d2c9a61373b3e56e1e70cb60628494602c9bd4b37f5e736b76d412
1903e324a04725a5c194590142dad119b61b092d7fd3acea2252d759bd47285f
1a047d6d649b30c91de9b3b2112fb21b0a054e3d06e963a0053bbbf78a4bf2d7
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
205b890f09b1baf56445ddc9c98ac6219617ae0ccaf4f939c72fa27be90bb716
23dc2a845de8316580c61ddda67d06583e14f5ca2c274578c25bed9367f5e3f3
2a6be792edc86fdbc9964b7736f9d09304845b27fb30358391d83a31aa2178e8
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
358e018099daa0bfe87a0106798caedbf9dbf7aaeb5ad88b2526025fc07e2153
374152a78dc026a3d08416c7b82658db2a7138ebe7fc6b0ab6bd9623be0f8005
3831648d16b211d86d8e8f4523ec0ecfc7b203d4b9713dc9abf9f1518ab9164d
41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f
440ba29a2dab56b481bd36195049ec5b4ec4630bde332f31c8dc06a6f30c8977
4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5
4bf167774e13c97ed87fac15142657c51e15371a12ed4880922fb58cbe3aeaa3
4c5c86d8f8be75a98c5e74f464e7d9b1d220a1128e552baf77587ec1556afc25
4df8d3c8f985ced7135ee56f7f24f939d42545d790a02cc028e3df687489de15
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916
6036613340f483796531566b222de04d87bfaa681a3cb625b677fe90cb07e839
609f7e7afda89c65a4b96274e29e4f158efd5cfc9a0d5d454c6a899f32dab1e3
609f8404e03c0751d7b80cfddfa6c0d434a11dd307a69eec33c6027756ae5d45
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
69c1cf13697a284e5d0286a4fe27005964d6e30a2cfc24357fbe4cbdc9f0b31d
69e776baf1b4e5fd5d3ce142b52ce8afad9ef56f03c2ce9ff70650e66e309e0e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68
6f235f337b36099aedabb04917dd709c307d426807d5e2d55c4325dbd1a70669
6f5779e97a89c58c476c51d3d9dde7b97b3bb2bf22f2b626d9dd595f80459b13
70094fd2d218364b8a860669b04698eef9a5b92d66e7785031995be948df9622
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
75b661e193af320b485a2e7feead0fedb5a445815e1460ac383ce9e55445febd
7c22aaa9056a74258eaf6019c8fa67bc25e9f0b5ad8666adbf4ef3a6a0731030
7cd9621446b31bf5bb83846d1bd5bcfc36480e8c7523ed434d6ce3681c02718e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
90793662f8c87ef50ca3ea4bb817a0525d148c5ad2e51b5efdcf3d2b48262100
91ac336e7d8709f75abafcc3fa4ced0193c95efc5eedd1a43f1ff4c8e2b416c8
940b3a1f1a9b813f149b3d19e18868dbfabeecec7839cea8b291e7df0aaefaf8
9456e5077cfa54580e804ee8c841846d884e2dbe394abfbb10bcd3e883a93b0c
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
997b196fa0912e067f252d9f8028d6c4188f03bfa735c567e126195550be33d6
9b03b0ca1ca957e987aa0b4777c751acf0e8d8814c0a3eb6b017be17872c4ce4
9d1aed288c991e5d45ec6f55b1ce51748005148c7dd5be4d78d2f7bb594e742c
9f184b71270cacb6f82245aed56defc8891dd489cc3a175da7ff7e674b362e98
a08df3908c6997b2c6506ee26452084bb216058c7370c75edae1ec62c1063c8b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc
ade8410ef9fd988e03e3ab29b923644c6d8ab065604d9a90af8fdc0352ccbf4a
b17907c637abc8ca138ab6ab02aed0ff3b41566a8bac74c2f0c0e82873da6173
b22d214902f4d822a62fe4b6591752acdc512852568aafaf96cee553e4cc72ee
b3877ba40ea2e23144a3f1493a62a44f4ead919cef4a5ced3d9519a4f491c313
b5c41cc4ec71564f4e6e627fd3424e6832da70757bea8d52c10ac96cddf0dd80
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
c1d200876d1a18bee5a10aea288c37cbf6783ac445aa82ce77bee760e65e3218
c7eacedf673d12975b833840f986b1f476c73cf2df0b7c38c6d78ec89cd798ef
c8e3179617fd44649c8138f5115d5a6c146b5aa62a21237b3e8477cfc12c155c
cc3dc51ae419ed3cfacc49a7a818d3f71baa612874a87e32268995374a96c275
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d128304c0e7130093f9bfe090327935f9299231878d65d9f449aa54609b09afc
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7bcfe3b3a2e7ff7aed720e76a464a9e642b4534f3dcb2f3a6dbab24420b6c58
dbb30d314fb2251def4b716d5694d72a10af360cc84aa925fb95e637e129a106
dbe2c130b9f2e157e42a20f6b5877254c24afb93d4cb25ca0df74750b8428b64
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ded015b0c608cddc09e9d439f9de0f596f29b79edc6c8f8bf528d4fbdb1b1735
e1b5a501fc26eb56e0b99cd686a022bfad51b34e3942e51170473cbe4fdecaf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b5fc1da4649d758b162e5437283cf34cd311d9fd7dfb4e8ad3306eee78e95d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ece9b11c35c6f4c79d52163965b624852566b6360a9035de33e58d46c28435d5
ef02d77ad1c8cd943c4a497895922f147d71a69819ed78cd40ae4c839bf2f5fc
f31bd36beee4beed720b4620955925d462aec53f39dde0e92d10417ca0d06cd6
f6f689d1447f14d5e10dbaf5900e81900f3d1292137c2162dd3e203a04d42c0d
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe685b258b8bf047e40526a5a5b533efd5d4d887aa583f278551c00608a041f5
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

goldenluckpath.click Open in urlscan Pro 34.74.215.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

98 %HTTPS

52 %IPv6

38 Domains

49 Subdomains

44 IPs

7 Countries

2456 kBTransfer

10022 kBSize

139 Cookies

0 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goldenluckpath.click Open in urlscan Pro
34.74.215.184 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

98 %
HTTPS

52 %
IPv6

38
Domains

49
Subdomains

44
IPs

7
Countries

2456 kB
Transfer

10022 kB
Size

139
Cookies

140 HTTP transactions
6 data transactions