client.ppcshield.io Open in urlscan Pro
2606:4700:20::681a:ec2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://client.ppcshield.io/
Effective URL:
https://client.ppcshield.io/login
Submission: On July 21 via manual (July 21st 2023, 5:14:56 pm UTC) from CA — Scanned from CA

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 23 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::681a:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is client.ppcshield.io. The Cisco Umbrella rank of the primary domain is 249732.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2023. Valid for: a year.

This is the only time client.ppcshield.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:48f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2606:4700:20:... 2606:4700:20::681a:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
3	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
2	2600:141b:900... 2600:141b:9000::1725:7b88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::ac43:5d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	23.77.241.199 23.77.241.199	16625 (AKAMAI-AS) (AKAMAI-AS)
2	91.201.28.212 91.201.28.212	203480 (QUALITYUNIT) (QUALITYUNIT)
1	52.3.54.184 52.3.54.184	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ec:600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.48.12.0 52.48.12.0	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.11.116.43 52.11.116.43	16509 (AMAZON-02) (AMAZON-02)
1	34.240.29.38 34.240.29.38	16509 (AMAZON-02) (AMAZON-02)
60	29

1 2606:4700:20::ac43:48f8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

client.ppcshield.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:ec2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

client.ppcshield.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:9000::1725:7b88 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.77.241.199 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-241-199.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.201.28.212 (Slovakia)

ASN203480 (QUALITYUNIT, SK)

ppcshield.postaffiliatepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.54.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-54-184.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.12.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-12-0.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.11.116.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-116-43.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.29.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-29-38.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ppcshield.io 2 redirects client.ppcshield.io — Cisco Umbrella Rank: 249732	954 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1818 q.stripe.com — Cisco Umbrella Rank: 18097 m.stripe.com — Cisco Umbrella Rank: 1678	146 KB
6	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4002	76 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 385 www.linkedin.com — Cisco Umbrella Rank: 530 px4.ads.linkedin.com — Cisco Umbrella Rank: 5986	5 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	220 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 168 www.google.com — Cisco Umbrella Rank: 3	24 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3146 tr.outbrain.com — Cisco Umbrella Rank: 2904	8 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2011	16 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8403	562 B
2	postaffiliatepro.com ppcshield.postaffiliatepro.com	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 166	134 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 5758 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5335	3 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 701	6 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 120	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 741 script.hotjar.com — Cisco Umbrella Rank: 932	72 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	2 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6012	161 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 867	377 B
1	quora.com q.quora.com — Cisco Umbrella Rank: 3794	422 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	84 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1187	7 KB
60	23

	Domain	Requested by
11	client.ppcshield.io	2 redirects client.ppcshield.io static.cloudflareinsights.com
6	mc.yandex.ru	1 redirects client.ppcshield.io mc.yandex.ru
3	q.stripe.com	client.ppcshield.io
3	px.ads.linkedin.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	client.ppcshield.io
3	js.stripe.com	client.ppcshield.io js.stripe.com
2	www.facebook.com	client.ppcshield.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.ca	client.ppcshield.io
2	tr.outbrain.com	amplify.outbrain.com client.ppcshield.io
2	ppcshield.postaffiliatepro.com	www.googletagmanager.com ppcshield.postaffiliatepro.com
2	connect.facebook.net	client.ppcshield.io connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	client.ppcshield.io
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	m.stripe.com	m.stripe.network
1	content.hotjar.io	script.hotjar.com
1	px4.ads.linkedin.com	client.ppcshield.io
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	q.quora.com	client.ppcshield.io
1	amplify.outbrain.com	client.ppcshield.io
1	rum-static.pingdom.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	static.hotjar.com	client.ppcshield.io
1	www.googletagmanager.com	client.ppcshield.io
1	static.cloudflareinsights.com	client.ppcshield.io
1	apis.google.com	client.ppcshield.io
60	33

This site contains links to these domains. Also see Links.

Domain
www.ppcshield.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-25` - `2024-03-24`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2022-11-13` - `2023-11-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-30` - `2023-07-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.postaffiliatepro.com R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.quora.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-28` - `2023-09-30`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M01	`2023-02-10` - `2023-12-20`	10 months	crt.sh

This page contains 3 frames:

Primary Page: https://client.ppcshield.io/login
Frame ID: 78FD53A010E34C6ACA38711700505B97
Requests: 52 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 7594F8931BA506A2A218D6D3601AFF31
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 04732FCF30E9D4FD143A9AC7C43DF7D6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login To Your PPC Shield Account.

Page URL History Show full URLs

http://client.ppcshield.io/ HTTP 301
https://client.ppcshield.io/ HTTP 302
https://client.ppcshield.io/login Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

60
Requests

97 %
HTTPS

61 %
IPv6

23
Domains

33
Subdomains

29
IPs

5
Countries

1780 kB
Transfer

5593 kB
Size

36
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ppcshield.io/pricing/
Title: Sign Up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://client.ppcshield.io/ HTTP 301
https://client.ppcshield.io/ HTTP 302
https://client.ppcshield.io/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3488025%26time%3D1689959691240%26url%3Dhttps%253A%252F%252Fclient.ppcshield.io%252Flogin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQIELhzDCG86YAAAAYl5cnXciGakhL0mJBJQVbkeyydpCLxyCoY-zGVGGnlA6CvaGN2a0r0d

Request Chain 53

https://mc.yandex.ru/watch/74946712?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1213%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1510266714333%3Ahid%3A964831572%3Az%3A0%3Ai%3A20230721171451%3Aet%3A1689959692%3Ac%3A1%3Arn%3A841586318%3Arqn%3A1%3Au%3A1689959692260947615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C255%2C2%2C366%2C0%2C%2C568%2C3%2C%2C%2C%2C1711%3Aco%3A0%3Acpf%3A1%3Ans%3A1689959689366%3Arqnl%3A1%3Ast%3A1689959692%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1213%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1510266714333%3Ahid%3A964831572%3Az%3A0%3Ai%3A20230721171451%3Aet%3A1689959692%3Ac%3A1%3Arn%3A841586318%3Arqn%3A1%3Au%3A1689959692260947615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C255%2C2%2C366%2C0%2C%2C568%2C3%2C%2C%2C%2C1711%3Aco%3A0%3Acpf%3A1%3Ans%3A1689959689366%3Arqnl%3A1%3Ast%3A1689959692%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
client.ppcshield.io/
Redirect Chain

http://client.ppcshield.io/
https://client.ppcshield.io/
https://client.ppcshield.io/login

4 KB
2 KB

256ms
256ms

Document
text/html

2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610c9f78cb056d3adc0968ec9ac2ecdf754c7abe865a75f303934ba88af3d27b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 7ea5151ce948541f-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 17:14:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=la9BPni7n%2FyhdPm9r6TOaM93jH6HDWxhSgeigvUCTIr4Rh1dnDil7dhsOWArhgdClT%2B9fc8ux0TEdMTWl77xHGpEGHQ7aX1jZzV%2FYwdPLHAeD9k0wKOqe921p0%2BjipCzoBA6O96Oa5bmf0tCeADHgDg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache, private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 7ea5151b3f8b541f-YYZ
content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 17:14:49 GMT
location: https://client.ppcshield.io/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvxh4o5PmJk0HXcP5trmsyT4g%2FXnV7dZny%2FdeklaUI9TyzXMrX0bzqnlcMI2NZe9LkPfMWKhVK3UPkQ3mLdtT0yVOP2qHCKsldYvbIZZJ3DbQwltPmIUdO3Vx9zGICZLLCMukYxzpLmv7xdOw91rgEk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 vendor.js Show response
client.ppcshield.io/js/ 183 KB
66 KB 463ms
447ms Script
application/javascript 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/js/vendor.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

798a37ca9975da4cbda197e29f35821626777886259249533f2cc30d6830fdda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Jul 2020 14:27:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2db6b-5ab1ca859f9c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p4dJ%2FawkNwvx6cLmLIAWZq0t7YSd2LpDWcCzBlcsi5TKXuaBbh%2BY%2Fqng18W8QhK4JN7%2FPn4l3HcG%2FS4mtgcyuVx1FZmH2OJfvvCvj0GVBIG%2BEYXNQE1vzb61ma3XTcTWonkMzgZxsvUEEWr6Vtmk8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 7ea5151eaafc541f-YYZ

GET
H2 200 app.js Show response
client.ppcshield.io/js/ 3 MB
820 KB 580ms
563ms Script
application/javascript 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/js/app.js?id=6baee40bb722fa7ac052

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03921922a28716a4a69caeea11598aaca7f50273a65e5bf55b8a7733ffb908d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 11:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"28e1d9-5e426da7d9be9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP5Pq6B2qo86yrbmPEF0no%2F1yfdjsrz6gWktSkXNOgJ%2FuwfLWN78CElLGG6rtlHCY9VHKGoUsBMa7dTQtTiancyfOnvaVuiHxw0JZou2wAKp4iaF2MWzVHQ%2F5Au%2FHUGm%2BiALAH0gfKOWX87RXT%2FtNro%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 7ea5151eab00541f-YYZ

GET
H2 200 site.js Show response
client.ppcshield.io/js/ 4 KB
2 KB 249ms
245ms Script
application/javascript 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/js/site.js?id=d1f85d0d62231572ee12

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4229dba63d704baf25978036e4e1b39fd2345b663821f7cf6a10b8370e18b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 11:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"edc-5e426da7d9be9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtJ8HHp%2Baf4MikrzhtPjO1qvZLcHoMSdCkYvOddkO%2FvsB4%2Bx7ezlMFLTTVLkZJQ1ZdVujuqIq0lK78t9f%2FeZEGaBTmsExCHmbWtp8PZxjSb0dGjGRLQwmH1Y3ok8jbvTiAx%2FxvRmHAkkj5GsDgdKx4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 7ea515218dcf541f-YYZ

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 87ms
36ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 17:14:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22286
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "7e9d9dc128ddec90"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:14:50 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 512 KB
142 KB 173ms
16ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7f0b8dd22ce7bc866725ef2c96e8f33ded4ade2eb2f8588129cdde8cc70b9fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 17:14:50 GMT
via: 1.1 varnish
age: 47
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145288
x-request-id: e7578e8e-9f2d-4234-9aab-8b9875edca48
x-served-by: cache-yyz4577-YYZ
last-modified: Thu, 20 Jul 2023 20:42:22 GMT
server: Fastly
etag: "4fbd53f9e54e535241b4a75515d0bf34"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 188ms
48ms Script
text/javascript 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?lang=en&hl=en

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1320ab805d74fb4b900b0b50fd1d6784bfe0e46341bf616a8a9ece953634e2ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Fri, 21 Jul 2023 17:14:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
959 B 181ms
41ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 16:45:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 17:14:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
1 KB 183ms
43ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 16:41:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 17:14:50 GMT

GET
H2 200 app.css
client.ppcshield.io/css/ 230 KB
39 KB 366ms
351ms Stylesheet
text/css 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/css/app.css?id=1d4640dbaf5b2b56036d

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cac1c6495f64814ce02267e009f82914ecb2ee671e49a2d6ff7f7cd1d0eb174

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 11:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3987a-5e426da7d9be9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ch4W%2BkjWbmFvvpPq3PmQxYgMVt7KQDG2I%2F%2BaFwY4arL63oAEqd79Nz%2BV%2Be%2BsyXkn8Gr2DzwaL3mJO7l%2FrylHV%2B%2FYZCeROZXwsm5HPQMrYv4B%2F5vATqYepuxKUpaIuoT1IFnkkArdTYV4kpYq1EsK70%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 7ea5151eaafa541f-YYZ

GET
H2 200 logo-black.png
client.ppcshield.io/images/ 9 KB
9 KB 245ms
237ms Image
image/png 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.ppcshield.io/images/logo-black.png

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1243a867dd7b0823883fc1f6d37d7acb9a606526266288025df69244763ea4b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Nov 2020 06:08:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2413-5b3199485ad6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY1oDIRL0r502QM8V0oS%2B6BWj2AoKz9kXXTxAgpspTOs7tRYXDFlIYf5vNb12rN7nkzngIRhkIKpkfi5la%2B%2F9lWtxByx9AwWOrZEkk9t%2BJtrHlvsMVLLxUIaTfqNzoxgXW6YCRuAaj%2B4ui31fpDpjjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7ea515220e45541f-YYZ
content-length: 9235

GET
H2 200 v2cb3a2ab87c5498db5ce7e6608cf55231689030342039 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 142ms
95ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by: Host: client.ppcshield.io
URL: https://client.ppcshield.io/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer: https://client.ppcshield.io/
Origin: https://client.ppcshield.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ea515224e157142-YUL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
84 KB 121ms
67ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

122fdb33fea5b53d414c0445bc9be294d8a97e4565efe3caad850d909f727e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85359
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jul 2023 17:14:50 GMT

GET
H2 200 hotjar-2493178.js Show response
static.hotjar.com/c/ 9 KB
4 KB 281ms
102ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2493178.js?sv=6

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

b568eea4d0f2aa4cc1ff87da3310480b9cbb42a62e1f568b848661203b4f19d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 17:14:50 GMT
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/91a42ae83c98bbef8ff3a32f425680a4
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jNQmCxYMuxI2qOGcACuyxGR_4toBgzg5Yjiynaj3_4oXYb7vooigwQ==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 429 KB
172 KB 66ms
16ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?lang=en&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.ppcshield.io/
Origin: https://client.ppcshield.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 16:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175963
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 16:06:23 GMT

GET
H2 200 Login-page-image.svg
client.ppcshield.io/images/ 14 KB
7 KB 234ms
230ms Image
image/svg+xml 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.ppcshield.io/images/Login-page-image.svg

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2f49cd3c80140bc96656cfbd9c08a2c0254db3d3e974551b8e862cf27f5a80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Mar 2021 12:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3689-5bda6cd95b337"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73T0FUsmpioU%2FQUHIbYjTR9oSR0WF4%2BLtwtGeY%2FjF05QFqqBMzKyrSMsY9eXp3vsEuR%2FcT6HWUjZ83UZhhW1HBRDvvusCiAV2koSR0uIOrz8StTz5sbuv17pITycBJol136qu4T%2Fugfd1eYKTZOOHcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 7ea515221e57541f-YYZ

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 97ms
10ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.ppcshield.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 10:22:17 GMT
x-content-type-options: nosniff
age: 543153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 10:22:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 100ms
14ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.ppcshield.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:31:56 GMT
x-content-type-options: nosniff
age: 38574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 06:31:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
10ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 15:18:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6970
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jul 2023 17:18:40 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/413579569/ 3 KB
2 KB 116ms
46ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/413579569/?random=1689959690768&cv=11&fst=1689959690768&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20To%20Your%20PPC%20Shield%20Account.&auid=661137931.1689959691&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

346095c40ce51b20182e36bd9fa20dd1d4b50926485a7d913213b1dbcca09430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
702 B 94ms
13ms Script
application/x-javascript 2600:141b:9000::1725:7b88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::1725:7b88 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

caea5079fc5f3425d68486e1da462a84df0ba9205ceb229dd49188ec9511775d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2023 14:41:28 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=51532
accept-ranges: bytes
content-length: 491

GET
H2 200 pa-5ed7c7ca8e83fa001500025d.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 501ms
423ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5ed7c7ca8e83fa001500025d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d47a7d63d1cef178c9ae032fcf019f1784284ab28348a3808cb263a29a60ba9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7ea51523d985a216-YYZ
expires: Fri, 21 Jul 2023 17:19:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 91ms
14ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e237cfb5b51efd58bf08a6d1cf3f4e49c2ce2e595ef16c2060aa6cb4d966fb3a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jul 2023 17:14:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46990
x-xss-protection: 0
pragma: public
x-fb-debug: s3KH2nYcm+hQQJ/JbVCAcBxDaLyKJ/roXhVDnQaFDimg80zkHhmTSTt73oWPBP1xNEZ/jcLmqkg71JfqmHGRQA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
74 KB 811ms
281ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c4e113e7bf186f978548b1b5db327b755b8944540262ffb5edd28811acf84b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Jul 2023 11:40:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64ae66e9-1248e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74894
expires: Fri, 21 Jul 2023 18:14:51 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 88ms
19ms Script
application/x-javascript 23.77.241.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: client.ppcshield.io
URL: https://client.ppcshield.io/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.77.241.199 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-241-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4b8f2b177e73f0072f1c899e85882e5b8b72c4bfdec8e1d9d431b163079dc8d7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 17:14:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jun 2023 11:53:23 GMT
Server: AkamaiNetStorage
ETag: "afd3aec78079479ef637fa1e1a4ddf26:1687780672.794656"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: CA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7020
Expires: Fri, 21 Jul 2023 17:34:50 GMT

GET
H2 200 q8790mjv6 Show response
ppcshield.postaffiliatepro.com/scripts/ 27 KB
6 KB 902ms
120ms Script
application/javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://ppcshield.postaffiliatepro.com/scripts/q8790mjv6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

61a370ef1e85081932323b6b07009f20b0db76ef19484b2bb20a14e14235c85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (2.lb-app.pap.ws-eu)
x-srv: 1
age: 0
last-modified: Wed, 31 May 2023 13:39:28 GMT
server: nginx
etag: W/"6a50-5fcfd72e3a400"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 747329382
cache-control: max-age=120
accept-ranges: bytes
expires: Fri, 21 Jul 2023 17:16:51 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/b5b364d1aba841e1b731568900396ccc/ 43 B
422 B 141ms
28ms Image
image/gif 52.3.54.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/b5b364d1aba841e1b731568900396ccc/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fclient.ppcshield.io%2Flogin

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.54.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-54-184.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 17:14:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,68e08b3bbd26a9029fc7457044404261,10.0.0.162,47472,149.56.153.178,,271844012670,1,1689959690.915,0.004,,.,0,0,0.000,0.000,-,0,0,197,86,43,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 modules.a0d74aac8cc078f29dca.js Show response
script.hotjar.com/ 279 KB
68 KB 118ms
22ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a0d74aac8cc078f29dca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2493178.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 14084
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69233
last-modified: Fri, 21 Jul 2023 13:19:44 GMT
etag: "296f56b68e90f44dfc003e4f2b43db7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: I_3KwtSC3DL2mh1-N_QTogrrCguKcR9-_xwLgwh6Qi1c8qdLvaWKzg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 43ms
25ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=869014898&t=pageview&_s=1&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&ul=en-us&de=UTF-8&dt=Login%20To%20Your%20PPC%20Shield%20Account.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1946679545&gjid=944389631&cid=1001083176.1689959691&tid=UA-74617829-10&_gid=825994000.1689959691&_r=1&_slc=1&gtm=45He37j0n81N8GH3HD&z=903809370

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.ppcshield.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 36ms
19ms Script
application/x-javascript 2600:141b:9000::1725:7b88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::1725:7b88 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:00:14 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=62878
accept-ranges: bytes
content-length: 4862

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 120ms
22ms Script
application/javascript 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00f3b2867d4bf5e6a9e48b09982c89f2e1
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 17:14:51 GMT
X-TraceId: 70b88e4e3400e5872bc18a6a568e166d
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 117ms
20ms Image
image/gif 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08473093766271185&referrer=&cht=gtm&marketerId=00f3b2867d4bf5e6a9e48b09982c89f2e1&name=PAGE_VIEW&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: client.ppcshield.io
URL: https://client.ppcshield.io/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 17:14:51 GMT
Cache-Control: no-cache
X-TraceId: f715cd30cb4e317ea07dc8309d187a7e
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 logo-black.png
client.ppcshield.io/images/ 6 KB
7 KB 50ms
24ms Image
image/webp 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.ppcshield.io/images/logo-black.png

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34f93f885cee5d4d2504e34a0abc4b56c2c28f7d8a28f010c3af834efb0778b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
cf-polished: origFmt=png, origSize=9235
content-disposition: inline; filename="logo-black.webp"
content-length: 6358
cf-bgj: imgq:100,h2pri
last-modified: Mon, 02 Nov 2020 06:08:50 GMT
server: cloudflare
etag: "2413-5b3199485ad6d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dh7aaPqECCPCXM6NxsF0W4CuBXLQIEJhXNzA41bS8adgSj2vt35w1OKeh2Z6BViwz6WIJw%2FFTuaSd6vs%2BMyCuKiowgl%2FMRHosIPlm4zivSk%2FxxxdD2ATq8paVdE46sAisBcEVVuip3LXz1UPkt9y1F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7ea515256a59541f-YYZ

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 7594 200 B
843 B 34ms
16ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.ppcshield.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3700774
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 155
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 17:14:51 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 08 Jun 2023 20:06:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 337850
x-content-type-options: nosniff
x-request-id: b818a47b-55c6-4206-a014-06cec85b7d3c
x-served-by: cache-yyz4577-YYZ

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 28ms
11ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.ppcshield.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 21:57:17 GMT
x-content-type-options: nosniff
age: 587854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2024 21:57:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 104ms
34ms XHR
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-74617829-10&cid=1001083176.1689959691&jid=1946679545&gjid=944389631&_gid=825994000.1689959691&_u=YEBAAEAAAAAAACAAI~&z=973713132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Jul 2023 17:14:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.ppcshield.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/413579569/ 42 B
327 B 40ms
39ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/413579569/?random=1689959690768&cv=11&fst=1689958800000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&frm=0&tiba=Login%20To%20Your%20PPC%20Shield%20Account.&fmt=3&is_vtc=1&random=2956557371&rmt_tld=0&ipr=y

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/413579569/ 42 B
154 B 156ms
46ms Image
image/gif 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/413579569/?random=1689959690768&cv=11&fst=1689958800000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&frm=0&tiba=Login%20To%20Your%20PPC%20Shield%20Account.&fmt=3&is_vtc=1&random=2956557371&rmt_tld=1&ipr=y

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 439864737329509 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 72ms
68ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/439864737329509?v=next&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3971ebee4228c9e89a484e8a74763e2abe252c3d92fdae56539d7867128a3690

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jul 2023 17:14:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: DnKjUpC0jid0/HOubNMxKRi28a6whoUcnLUnekyWN1t9qJggMwvL6Z104m9cqNR7Os7gtas/bHkY3hDU3WEheQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7594 631 B
689 B 40ms
34ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 17:14:51 GMT
via: 1.1 varnish
age: 21589788
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 332
x-request-id: e8b08443-a817-4d1e-8902-64a41864916e
x-served-by: cache-yyz4536-YYZ
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 112526

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
40ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74617829-10&cid=1001083176.1689959691&jid=1946679545&_u=YEBAAEAAAAAAACAAI~&z=1307606687

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 126ms
45ms Image
image/gif 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74617829-10&cid=1001083176.1689959691&jid=1946679545&_u=YEBAAEAAAAAAACAAI~&z=1307606687

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3488025/domain/client.ppcshield.io/ 36 B
377 B 139ms
7ms XHR
application/json 2600:9000:21ec:600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3488025/domain/client.ppcshield.io/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://client.ppcshield.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 16:54:16 GMT
content-encoding: gzip
via: 1.1 d77f2f1d7dfcddde244aedf1c9ed7a8e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1235
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=11776
x-amz-cf-id: 33VSwKgVWqMfWM298DLrwzPA-NZtZy-KXit8aBWHTgeeNp7eRbiuWQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3488025%26time%3D1689959691240%26url%3Dhttps%253A%252F%252Fclient.ppcshield.io%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQIELhzDCG86YAAAAYl5cnXciGakhL0mJBJQ...

0
488 B

134ms
99ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQIELhzDCG86YAAAAYl5cnXciGakhL0mJBJQVbkeyydpCLxyCoY-zGVGGnlA6CvaGN2a0r0d
Requested by: Host: client.ppcshield.io
URL: https://client.ppcshield.io/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FAA443C38AAF405394EF1F1F1C975891 Ref B: YMQ01EDGE0409 Ref C: 2023-07-21T17:14:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBAmcfoNCBdcJUY4GmpA==

Redirect headers

date: Fri, 21 Jul 2023 17:14:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4E9F24A2A3D9403A90806D76F2A0EF44 Ref B: YMQ01EDGE0613 Ref C: 2023-07-21T17:14:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1689959691240&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQIELhzDCG86YAAAAYl5cnXciGakhL0mJBJQVbkeyydpCLxyCoY-zGVGGnlA6CvaGN2a0r0d
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBAmccNNcXtOZkHzRpaA==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 399ms
111ms XHR
application/json 52.48.12.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a0d74aac8cc078f29dca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.12.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-12-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ad7a593177db808994244285e433d8ea882e9b4ced8a2483e02fc75155abe1f9

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 21 Jul 2023 17:14:51 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H2 200 csp-report
q.stripe.com/ Frame 7594 0
718 B 327ms
96ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689959691660504
x-envoy-upstream-service-time: 14
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 7
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1689959691656103
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7594 0
718 B 315ms
84ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689959691658968
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1689959691656142
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0473 930 B
1 KB 32ms
19ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 53
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 17:14:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 43
x-content-type-options: nosniff
x-request-id: 2fc42485-621d-44c2-adb5-90f99a4479c3
x-served-by: cache-yyz4577-YYZ
x-timer: S1689959691.420089,VS0,VE0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 62ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=439864737329509&ev=PageView&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rl=&if=false&ts=1689959691412&sw=1600&sh=1200&v=next&r=stable&ec=0&o=30&fbp=fb.1.1689959691410.951505666&it=1689959691216&coo=false&exp=a1&rqm=GET

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jul 2023 17:14:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0473 0
491 B 264ms
84ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689959691659309
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1689959691656232
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 0473 87 KB
15 KB 19ms
18ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 21 Jul 2023 17:14:51 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 62
x-cache: HIT
content-length: 15509
x-request-id: a91624ed-4d59-4629-b444-2ccbcc2614a2
x-served-by: cache-yyz4577-YYZ
server: Fastly
x-timer: S1689959691.449220,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 51

POST
H2 200 6 Show response
m.stripe.com/ Frame 0473 156 B
670 B 281ms
90ms XHR
application/json 52.11.116.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.116.43 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-116-43.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3b34403de4eb98fad3e437557e2241a64f001de70c0bdce18af7342016ce1baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 21 Jul 2023 17:14:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689959691765655
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1689959691764985
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 q8790mrv6 Show response
ppcshield.postaffiliatepro.com/scripts/ 66 B
354 B 118ms
117ms Script
application/x-javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://ppcshield.postaffiliatepro.com/scripts/q8790mrv6?accountId=default1&url=S_client.ppcshield.io%2Flogin&referrer=&isInIframe=false&getParams=&anchor=
Requested by: Host: ppcshield.postaffiliatepro.com
URL: https://ppcshield.postaffiliatepro.com/scripts/q8790mjv6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash: 93c050afe6b5f10dde4e1f01896b4b438b68636011d0b3affbf82423c633434d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: application/octet-stream, application/x-javascript
date: Fri, 21 Jul 2023 17:14:51 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 156ms
145ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:14:51 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Jul 2023 11:40:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64ae66e9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 21 Jul 2023 18:14:51 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/74946712/
Redirect Chain

https://mc.yandex.ru/watch/74946712?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1213%3Afu%3A0%3...
https://mc.yandex.ru/watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1213%3Afu%3A0...

435 B
590 B

144ms
144ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1213%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1510266714333%3Ahid%3A964831572%3Az%3A0%3Ai%3A20230721171451%3Aet%3A1689959692%3Ac%3A1%3Arn%3A841586318%3Arqn%3A1%3Au%3A1689959692260947615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C255%2C2%2C366%2C0%2C%2C568%2C3%2C%2C%2C%2C1711%3Aco%3A0%3Acpf%3A1%3Ans%3A1689959689366%3Arqnl%3A1%3Ast%3A1689959692%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cd595577cba044c311807076c0862d53044c742c2b2d952030c6dbb0bdf2f329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 21-Jul-2023 17:14:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 17:14:52 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Jul-2023 17:14:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1213%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1510266714333%3Ahid%3A964831572%3Az%3A0%3Ai%3A20230721171451%3Aet%3A1689959692%3Ac%3A1%3Arn%3A841586318%3Arqn%3A1%3Au%3A1689959692260947615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C255%2C2%2C366%2C0%2C%2C568%2C3%2C%2C%2C%2C1711%3Aco%3A0%3Acpf%3A1%3Ans%3A1689959689366%3Arqnl%3A1%3Ast%3A1689959692%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 17:14:51 GMT

POST
H2 204 rum Show response
client.ppcshield.io/cdn-cgi/ 0
196 B 36ms
34ms XHR
text/plain 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://client.ppcshield.io/login
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json

Response headers

date: Fri, 21 Jul 2023 17:14:52 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://client.ppcshield.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7ea5152b3887541f-YYZ

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 480ms
103ms XHR
text/plain 34.240.29.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5ed7c7ca8e83fa001500025d&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=366&cE=366&dLE=366&dLS=366&fS=366&hS=-1&rE=-1&rS=-1&reS=367&resS=623&resE=624&uEE=-1&uES=-1&dL=626&dI=1193&dCLES=1711&dCLEE=1715&dC=2650&lES=2650&lEE=2653&s=nt&title=Login%20To%20Your%20PPC%20Shield%20Account.&path=https%3A%2F%2Fclient.ppcshield.io%2Flogin&ref=&sId=grgvyhis&sST=1689959692&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5ed7c7ca8e83fa001500025d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.29.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-29-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 21 Jul 2023 17:14:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 22ms
17ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=439864737329509&ev=Microdata&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rl=&if=false&ts=1689959692916&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20To%20Your%20PPC%20Shield%20Account.%22%2C%22meta%3Adescription%22%3A%22Access%20your%20PPC%20Shield%20dashboard%2C%20monitor%20all%20fraudulent%20clicks%20that%20we%20blocked%20and%20all%20the%20money%20you%27ve%20saved.%20Enjoy%20real-time%20protection%20and%20instant%20savings.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=next&r=stable&ec=1&o=30&fbp=fb.1.1689959691410.951505666&it=1689959691216&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jul 2023 17:14:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 74946712
mc.yandex.ru/webvisor/ 43 B
0 289ms
289ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/74946712?wmode=0&wv-part=1&wv-hit=964831572&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rn=790247062&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1689959695%3Aw%3A1600x1200%3Av%3A1082%3Az%3A0%3Ai%3A20230721171454%3Au%3A1689959692260947615%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1689959695&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:54 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Jul-2023 17:14:54 GMT
content-type: image/gif
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 17:14:54 GMT

POST
H2 200 74946712
mc.yandex.ru/webvisor/ 43 B
0 147ms
146ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/74946712?wmode=0&wv-part=1&wv-hit=964831572&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rn=691318897&wv-type=3&browser-info=we%3A1%3Aet%3A1689959695%3Aw%3A1600x1200%3Av%3A1082%3Az%3A0%3Ai%3A20230721171454%3Au%3A1689959692260947615%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1689959695&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 17:14:55 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Jul-2023 17:14:55 GMT
content-type: image/gif
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 17:14:55 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
client.ppcshield.io/	1970-01-20 13:27:11	Name: ppcshield_session Value: eyJpdiI6IkZObks1YmpKVlY4c3V2YnFicWpsUUE9PSIsInZhbHVlIjoidlJaVVJNMGtFV3JmMHBFRjV1QSswRzZtUVpTa0JwbkxCSDV6UjlZOTRSSGVEZ1oxN3ZUN1kzeDZQa0N3Ujh0cUp2QURzMXd5ZlUxbE5ET1VnYUkxRHFuL05OZ1llU05tWXp0SVpFeldBU2RodHhnUklkdlRNYmRxUHhRYkdTYnAiLCJtYWMiOiIyMTZiODQwODA3YWIyYjQ2MTE2OWQyNjgzZDNkODFhMzVjNTU2N2I4ODM1YmM2MDU5M2NmYmRjOTQ4ZDI2OGRiIn0%3D
.ppcshield.io/	1970-01-20 15:35:35	Name: _gcl_au Value: 1.1.661137931.1689959691
.ppcshield.io/	1970-01-20 23:01:59	Name: _ga Value: GA1.2.1001083176.1689959691
.ppcshield.io/	1970-01-20 13:27:26	Name: _gid Value: GA1.2.825994000.1689959691
.ppcshield.io/	1970-01-20 13:25:59	Name: _gat_UA-74617829-10 Value: 1
.doubleclick.net/	1970-01-20 13:26:00	Name: test_cookie Value: CheckForPermission
client.ppcshield.io/	1970-01-20 13:25:59	Name: outbrain_cid_fetch Value: true
.ppcshield.io/	1970-01-20 22:11:35	Name: _hjSessionUser_2493178 Value: eyJpZCI6Ijc3NjM2ZTk2LTAwNjctNTMwYy04YjhiLTc1Y2U3MjQ2YmY5NSIsImNyZWF0ZWQiOjE2ODk5NTk2OTEyOTcsImV4aXN0aW5nIjpmYWxzZX0=
.ppcshield.io/	1970-01-20 13:26:01	Name: _hjFirstSeen Value: 1
.ppcshield.io/	1970-01-20 13:25:59	Name: _hjIncludedInSessionSample_2493178 Value: 1
.ppcshield.io/	1970-01-20 13:26:01	Name: _hjSession_2493178 Value: eyJpZCI6ImFkZmZhYzU1LTRjZjctNGQwMC1hOWM1LTc2YWRmZTNjZmRlYiIsImNyZWF0ZWQiOjE2ODk5NTk2OTEzMTAsImluU2FtcGxlIjp0cnVlfQ==
.ppcshield.io/	1970-01-20 13:26:01	Name: _hjAbsoluteSessionInProgress Value: 0
client.ppcshield.io/	1970-01-20 13:27:26	Name: ln_or Value: eyIzNDg4MDI1IjoiZCJ9
.ppcshield.io/	1970-01-20 15:35:35	Name: _fbp Value: fb.1.1689959691410.951505666
.linkedin.com/	1970-01-20 15:35:35	Name: li_sugr Value: 1000fa62-5b2a-45b8-b2ac-b11f7fd08d47
.linkedin.com/	1970-01-20 22:11:35	Name: bcookie Value: "v=2&c9b42b37-715f-41e6-89f6-229054e869d4"
.linkedin.com/	1970-01-20 13:27:26	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2546:u=1:x=1:i=1689959691:t=1690046091:v=2:sig=AQEr82WwVbDwx3PDh5E9fL-EpucOo1To"
.linkedin.com/	1970-01-20 14:09:11	Name: UserMatchHistory Value: AQLjKKD9yMtxmgAAAYl5cnTfOJexhfudLlO0fGdLrJSiV7Yv12mZQWUWHRgzpg_niopcElzygF1J_g
.linkedin.com/	1970-01-20 14:09:11	Name: AnalyticsSyncHistory Value: AQLxhEz_izGlZAAAAYl5cnTf76Jf5MD1FnYyDbJI_LQugBJF-VVCjzYbGUybnQOxYOAATljhfoVyhzCX9scw6w
.www.linkedin.com/	1970-01-20 22:11:35	Name: bscookie Value: "v=1&202307211714510a8ea461-bf3d-4c85-8198-472f87f75c95AQFGEijDr5q6BVmT8sXRhVTD9epU-jRR"
.ppcshield.io/	1970-01-20 22:11:35	Name: _ym_uid Value: 1689959692260947615
.ppcshield.io/	1970-01-20 22:11:35	Name: _ym_d Value: 1689959692
.postaffiliatepro.com/	1970-01-20 22:11:56	Name: PAPVisitorId Value: kjvrbRpk2KtDsjfH6Ry6KfJ5BTD6bhpX
m.stripe.com/	1970-01-20 23:01:59	Name: m Value: 7813d634-126c-4bfc-8345-eb4c22d02a5624d344
.ppcshield.io/	1970-01-20 22:11:35	Name: PAPVisitorId Value: kjvrbRpk2KtDsjfH6Ry6KfJ5BTD6bhpX
.client.ppcshield.io/	1970-01-20 22:11:35	Name: PAPVisitorId Value: kjvrbRpk2KtDsjfH6Ry6KfJ5BTD6bhpX
.client.ppcshield.io/	1970-01-20 22:11:35	Name: __stripe_mid Value: 53c2560d-e339-4217-87d8-aad9a40be801da475e
.client.ppcshield.io/	1970-01-20 13:26:01	Name: __stripe_sid Value: adc1a2ff-bc7f-48a6-90e6-0d2801b3e4b4ca4ded
.ppcshield.io/	1970-01-20 13:27:11	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 558849081689959691
.yandex.ru/	1970-01-20 23:01:59	Name: i Value: r8BICJ2UEMSM5h2fgN3Nl6+o8FVjOWor/4nQdtEDFbJY608VN3FVFZaIz7TG/HFP6O2MW4doTLmmWdHDY+AD7kLHEZI=
.yandex.ru/	1970-01-20 23:01:59	Name: yandexuid Value: 393488131689959691
.yandex.ru/	1970-01-20 23:01:59	Name: yuidss Value: 393488131689959691
.yandex.ru/	1970-01-20 22:11:35	Name: ymex Value: 2005319691.yc.1689959691#2005319691.yrts.1689959691#2005319691.yrtsi.1689959691
.yandex.ru/	1970-01-20 22:11:35	Name: bh Value: KgI/MA==
.ppcshield.io/	1970-01-20 13:26:01	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
apis.google.com
cdn.linkedin.oribi.io
client.ppcshield.io
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
mc.yandex.ru
ppcshield.postaffiliatepro.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
q.stripe.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
script.hotjar.com
snap.licdn.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
108.138.106.126
13.107.42.14
151.101.192.176
18.164.96.90
23.77.241.199
2600:141b:9000::1725:7b88
2600:9000:21ec:600:2:53b2:240:93a1
2606:4700:10::ac43:5d8
2606:4700:20::681a:ec2
2606:4700:20::ac43:48f8
2606:4700::6810:3965
2607:f8b0:4004:c19::9c
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::2008
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2620:1ec:21::14
2a02:6b8::1:119
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.240.29.38
52.11.116.43
52.3.54.184
52.48.12.0
54.186.23.98
64.202.112.255
91.201.28.212
03921922a28716a4a69caeea11598aaca7f50273a65e5bf55b8a7733ffb908d9
0d47a7d63d1cef178c9ae032fcf019f1784284ab28348a3808cb263a29a60ba9
122fdb33fea5b53d414c0445bc9be294d8a97e4565efe3caad850d909f727e70
1243a867dd7b0823883fc1f6d37d7acb9a606526266288025df69244763ea4b7
1320ab805d74fb4b900b0b50fd1d6784bfe0e46341bf616a8a9ece953634e2ca
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a
346095c40ce51b20182e36bd9fa20dd1d4b50926485a7d913213b1dbcca09430
34f93f885cee5d4d2504e34a0abc4b56c2c28f7d8a28f010c3af834efb0778b1
3971ebee4228c9e89a484e8a74763e2abe252c3d92fdae56539d7867128a3690
3b34403de4eb98fad3e437557e2241a64f001de70c0bdce18af7342016ce1baa
470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56
4b8f2b177e73f0072f1c899e85882e5b8b72c4bfdec8e1d9d431b163079dc8d7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5cac1c6495f64814ce02267e009f82914ecb2ee671e49a2d6ff7f7cd1d0eb174
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
610c9f78cb056d3adc0968ec9ac2ecdf754c7abe865a75f303934ba88af3d27b
61a370ef1e85081932323b6b07009f20b0db76ef19484b2bb20a14e14235c85f
798a37ca9975da4cbda197e29f35821626777886259249533f2cc30d6830fdda
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d4229dba63d704baf25978036e4e1b39fd2345b663821f7cf6a10b8370e18b0
7f0b8dd22ce7bc866725ef2c96e8f33ded4ade2eb2f8588129cdde8cc70b9fef
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8e2f49cd3c80140bc96656cfbd9c08a2c0254db3d3e974551b8e862cf27f5a80
93c050afe6b5f10dde4e1f01896b4b438b68636011d0b3affbf82423c633434d
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
ad7a593177db808994244285e433d8ea882e9b4ced8a2483e02fc75155abe1f9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b568eea4d0f2aa4cc1ff87da3310480b9cbb42a62e1f568b848661203b4f19d9
bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894
c4e113e7bf186f978548b1b5db327b755b8944540262ffb5edd28811acf84b26
caea5079fc5f3425d68486e1da462a84df0ba9205ceb229dd49188ec9511775d
cd595577cba044c311807076c0862d53044c742c2b2d952030c6dbb0bdf2f329
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e237cfb5b51efd58bf08a6d1cf3f4e49c2ce2e595ef16c2060aa6cb4d966fb3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

client.ppcshield.io Open in urlscan Pro 2606:4700:20::681a:ec2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

61 %IPv6

23 Domains

33 Subdomains

29 IPs

5 Countries

1780 kBTransfer

5593 kBSize

36 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

client.ppcshield.io Open in urlscan Pro
2606:4700:20::681a:ec2 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

61 %
IPv6

23
Domains

33
Subdomains

29
IPs

5
Countries

1780 kB
Transfer

5593 kB
Size

36
Cookies

60 HTTP transactions
0 data transactions