www.buyhearinghero.com Open in urlscan Pro
2606:4700:3035::681c:1a82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/34BTPtw#74529-45907088-4887115503224
Effective URL:
https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350de...
Submission: On October 10 via api (October 10th 2020, 1:21:05 pm UTC) from BE

Summary HTTP 66 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 18 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3035::681c:1a82, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.buyhearinghero.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.

This is the only time www.buyhearinghero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	37.97.228.157 37.97.228.157	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	185.80.130.19 185.80.130.19	61053 (VPSNET-AS) (VPSNET-AS)
1 1	54.88.63.181 54.88.63.181	14618 (AMAZON-AES) (AMAZON-AES)
1 1	100.24.154.140 100.24.154.140	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.107.179.180 34.107.179.180	15169 (GOOGLE) (GOOGLE)
1 1	35.244.216.24 35.244.216.24	15169 (GOOGLE) (GOOGLE)
29	2606:4700:303... 2606:4700:3035::681c:1a82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
3	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
2	2600:9000:206... 2600:9000:206e:ee00:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.16.35.20 52.16.35.20	16509 (AMAZON-02) (AMAZON-02)
66	15

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.97.228.157 (Netherlands) 1 redirects

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-228-157.colo.transip.net

tonsampert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.80.130.19 (Lithuania)

ASN61053 (VPSNET-AS, LT)

trophenrogerphency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.63.181 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-63-181.compute-1.amazonaws.com

rdtrk554.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.154.140 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-154-140.compute-1.amazonaws.com

rdtrk201.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.179.180 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 180.179.107.34.bc.googleusercontent.com

www.whskysr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.216.24 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 24.216.244.35.bc.googleusercontent.com

www.justnowtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3035::681c:1a82 (United States)

ASN13335 (CLOUDFLARENET, US)

www.buyhearinghero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress13

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:ee00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.35.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-35-20.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	buyhearinghero.com www.buyhearinghero.com	452 KB
6	google.de www.google.de	991 B
6	google.com 1 redirects www.google.com	1 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	5 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	76 KB
4	google-analytics.com www.google-analytics.com	50 KB
4	googletagmanager.com www.googletagmanager.com	162 KB
2	bing.com bat.bing.com	9 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	ywxi.net cdn.ywxi.net	12 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	justnowtrk.com 1 redirects www.justnowtrk.com	399 B
1	whskysr.com 1 redirects www.whskysr.com	439 B
1	rdtrk201.com 1 redirects rdtrk201.com	760 B
1	rdtrk554.com 1 redirects rdtrk554.com	283 B
1	trophenrogerphency.com trophenrogerphency.com	468 B
1	tonsampert.com 1 redirects tonsampert.com	482 B
1	bit.ly 1 redirects bit.ly	219 B
66	18

	Domain	Requested by
29	www.buyhearinghero.com	trophenrogerphency.com www.buyhearinghero.com
6	www.google.de	www.buyhearinghero.com
6	www.google.com	1 redirects www.buyhearinghero.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.buyhearinghero.com www.googletagmanager.com
2	bat.bing.com	trophenrogerphency.com www.buyhearinghero.com
2	fonts.gstatic.com	www.buyhearinghero.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	cdn.ywxi.net	www.buyhearinghero.com
2	static.hotjar.com	trophenrogerphency.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.justnowtrk.com	1 redirects
1	www.whskysr.com	1 redirects
1	rdtrk201.com	1 redirects
1	rdtrk554.com	1 redirects
1	trophenrogerphency.com
1	tonsampert.com	1 redirects
1	bit.ly	1 redirects
66	22

This site contains links to these domains. Also see Links.

Domain
www.klarna.com

Subject Issuer	Validity	Valid
trophenrogerphency.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-23` - `2021-04-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
*.ywxi.net Amazon	`2020-09-01` - `2021-10-02`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-08-17` - `2020-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.hotjar.com Amazon	`2020-08-29` - `2021-09-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Frame ID: 0BD577874CD8C8901CCBDFB1F0F482BC
Requests: 65 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5DDA77F3B874A2AC6C9075A1FFAD705F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/34BTPtw HTTP 301
http://tonsampert.com/ljhlhh.html?od=1syfshort5f7cbde5f2018_vl_Active1vl_tn4.gka6M.Yzzzyrfsszu11e7... HTTP 302
https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%... Page URL
http://rdtrk554.com/?a=554&c=4969&s1=690370&s2=ohugetstevehaaa_tn5f7cbde5f1e7b&s3=1079766981 HTTP 302
https://rdtrk201.com/?a=554&c=4969&s1=690370&s2=ohugetstevehaaa_tn5f7cbde5f1e7b&s3=1079766981&ckm... HTTP 302
https://www.whskysr.com/8BHN2DD/612MRCK/?source_id=554&sub1=690370&sub2=2-bu0raai279hs98hrbbd0 HTTP 302
https://www.justnowtrk.com/cmp/B2S5Q/BZ54P/?sub1=4527&sub2=690370&sub3=2-bu0raai279hs98hrbbd0&sub4=&sub... HTTP 302
https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb3... Page URL

Page Statistics

66
Requests

100 %
HTTPS

48 %
IPv6

18
Domains

22
Subdomains

15
IPs

6
Countries

811 kB
Transfer

2307 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.klarna.com/
Title: Qu’est-ce que Klarna ?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/34BTPtw HTTP 301
http://tonsampert.com/ljhlhh.html?od=1syfshort5f7cbde5f2018_vl_Active1vl_tn4.gka6M.Yzzzyrfsszu11e7111_x11067.g7246d3d3d3gwaW0zcDR00u6Nvi HTTP 302
https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD= Page URL
http://rdtrk554.com/?a=554&c=4969&s1=690370&s2=ohugetstevehaaa_tn5f7cbde5f1e7b&s3=1079766981 HTTP 302
https://rdtrk201.com/?a=554&c=4969&s1=690370&s2=ohugetstevehaaa_tn5f7cbde5f1e7b&s3=1079766981&ckmguid=bu0raai279hs98hrbbbg HTTP 302
https://www.whskysr.com/8BHN2DD/612MRCK/?source_id=554&sub1=690370&sub2=2-bu0raai279hs98hrbbd0 HTTP 302
https://www.justnowtrk.com/cmp/B2S5Q/BZ54P/?sub1=4527&sub2=690370&sub3=2-bu0raai279hs98hrbbd0&sub4=&sub5=2879282daaef4e699bfb9de6b4972568 HTTP 302
https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/34BTPtw HTTP 301
http://tonsampert.com/ljhlhh.html?od=1syfshort5f7cbde5f2018_vl_Active1vl_tn4.gka6M.Yzzzyrfsszu11e7111_x11067.g7246d3d3d3gwaW0zcDR00u6Nvi HTTP 302
https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD=

Request Chain 59

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/764484864/?random=1602336046313&cv=9&fst=1602336046313&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/764484864/?random=1602336046313&cv=9&fst=1602334800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&is_vtc=1&random=3734762711&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/764484864/?random=1602336046313&cv=9&fst=1602334800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&is_vtc=1&random=3734762711&resp=GooglemKTybQhCsO&ipr=y

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD= Show response
trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/
Redirect Chain

https://bit.ly/34BTPtw
http://tonsampert.com/ljhlhh.html?od=1syfshort5f7cbde5f2018_vl_Active1vl_tn4.gka6M.Yzzzyrfsszu11e7111_x11067.g7246d3d3d3gwaW0zcDR00u6Nvi
https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyA...

155 B
468 B

1051ms
586ms

Document
text/html

185.80.130.19
VPSNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.80.130.19 , Lithuania, ASN61053 (VPSNET-AS, LT),
Reverse DNS
Software: Apache /
Resource Hash: 0d0e82fdb94a08e09974db641da9bf42615d891366796c967d3a8bb0b6a3c552

Request headers

Host: trophenrogerphency.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 10 Oct 2020 13:20:41 GMT
Server: Apache
Set-Cookie: uid23610=1079766981-20201010092041-e4989a6a988b7657848e2474c472aa07-; domain=; expires=Mon, 09-Nov-2020 13:20:41 GMT; path=/; SameSite=None; Secure
Content-Length: 155
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 10 Oct 2020 13:20:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn|M21unJj=|g7246|wwwwx|0im3p4t|48463|zzzyrfsszu|Y|M21unJj=|PC|196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD=
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
www.buyhearinghero.com/cicv1fr/
Redirect Chain

http://rdtrk554.com/?a=554&c=4969&s1=690370&s2=ohugetstevehaaa_tn5f7cbde5f1e7b&s3=1079766981
https://rdtrk201.com/?a=554&c=4969&s1=690370&s2=ohugetstevehaaa_tn5f7cbde5f1e7b&s3=1079766981&ckmguid=bu0raai279hs98hrbbbg
https://www.whskysr.com/8BHN2DD/612MRCK/?source_id=554&sub1=690370&sub2=2-bu0raai279hs98hrbbd0
https://www.justnowtrk.com/cmp/B2S5Q/BZ54P/?sub1=4527&sub2=690370&sub3=2-bu0raai279hs98hrbbd0&sub4=&sub5=2879282daaef4e699bfb9de6b4972568
https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

147 KB
32 KB

1018ms
972ms

Document
text/html

2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Requested by: Host: trophenrogerphency.com
URL: https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ae18a155a9880bb2f8a280c77acb06c4d0b0bb691a9cd516764d7ea6475add1

Request headers

:method: GET
:authority: www.buyhearinghero.com
:scheme: https
:path: /cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD=#74529-45907088-4887115503224

Response headers

status: 200
date: Sat, 10 Oct 2020 13:20:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d632b6b54aa8fe99bd57ed8f94446b4cb1602336043; expires=Mon, 09-Nov-20 13:20:43 GMT; path=/; domain=.buyhearinghero.com; HttpOnly; SameSite=Lax PHPSESSID=819d16faf970c74ba469501970f334de; path=/cicv1fr/ _mcnc=1; Max-Age=2; Path=/ uid=rB8HfV+BtSwzcm4eCOLkAg==; expires=Mon, 09-Nov-20 13:20:44 GMT; domain=$host; path=/
vary: Accept-Encoding,User-Agent
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-microcachable: 0
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cf-cache-status: DYNAMIC
cf-request-id: 05b444c9fd0000176a0722f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336044"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e00a3efff2a176a-FRA
content-encoding: br

Redirect headers

status: 302
server: nginx
date: Sat, 10 Oct 2020 13:20:43 GMT
content-type: text/html; charset=utf-8
content-length: 173
location: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
set-cookie: uniqueClick_BZ54P=1ab27bf4-fb98-4074-b157-1ad2ff9fce40:1602336043; Path=/; Expires=Sun, 11 Oct 2020 13:20:43 GMT transaction_id=1beb352703d342ce8a0c350defb05116; Path=/; Expires=Fri, 08 Jan 2021 13:20:43 GMT
vary: Origin
x-eflow-request-id: 72287858-377c-44a3-aa66-7e7d1545e714
via: 1.1 google
alt-svc: clear

GET
H2 200 app.css
www.buyhearinghero.com/cicv1fr/assets/css/ 10 KB
3 KB 638ms
638ms Stylesheet
text/css 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhearinghero.com/cicv1fr/assets/css/app.css
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb65e3d544bbc60ba9eb510e8a1a82aee3b3390f87e8a34a45f5739293c4923

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444cdd60000176a07270200000001
pragma: public
last-modified: Wed, 09 Sep 2020 11:58:14 GMT
server: cloudflare
etag: W/"5f58c356-298c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336045"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a3f62ce1176a-FRA
expires: Mon, 09 Nov 2020 13:20:45 GMT

GET
H2 200 autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
www.buyhearinghero.com/cicv1fr/app/desktop/css/ 369 KB
67 KB 982ms
981ms Stylesheet
text/css 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519e3475c5ee8820fd7f314364628b34e30af7420016b6af6e172bff789ebc63

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444cdd60000176a07271200000001
pragma: public
last-modified: Wed, 09 Sep 2020 12:00:20 GMT
server: cloudflare
etag: W/"5f58c3d4-5c25b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336045"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a3f62ce3176a-FRA
expires: Mon, 09 Nov 2020 13:20:45 GMT

GET
H2 200 logo.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 23 KB
23 KB 809ms
803ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/logo.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424487aae4f0fd11fae7d817ad5346722fecac20ba8541f02e4105970c294139

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 23339
cf-request-id: 05b444d05f0000176a0729d200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-5b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3fa3e37176a-FRA
expires: Mon, 09 Nov 2020 13:20:45 GMT

GET
H2 200 ht-img.jpg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 35 KB
35 KB 808ms
802ms Image
image/jpeg 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/ht-img.jpg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61e2ab0c9a9ddf391067043358c11cc869ae67c048b88b0661378efd845a2fa

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 35903
cf-request-id: 05b444d05f0000176a0729e200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-8c3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3fa3e3a176a-FRA
expires: Mon, 09 Nov 2020 13:20:45 GMT

GET
H2 200 fb-fac5.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 3 KB
4 KB 658ms
653ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/fb-fac5.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b832be6fb6f94309208543a0ec54599684ed25150f9e989d495fee8a96277829

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 3447
cf-request-id: 05b444d05f0000176a0729f200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-d77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3fa3e3d176a-FRA
expires: Mon, 09 Nov 2020 13:20:45 GMT

GET
H2 200 fb-fac6.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 3 KB
4 KB 657ms
657ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/fb-fac6.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b96455ba3e699e4b3eaf5b77b81952ed42b4f0596c54ff7d5a8813b8ffa419

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 3528
cf-request-id: 05b444d0600000176a072a0200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-dc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3fa3e40176a-FRA
expires: Mon, 09 Nov 2020 13:20:45 GMT

GET
H2 200 fb-fac7.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 4 KB
4 KB 645ms
644ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/fb-fac7.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dece7f2974cc1c3c61688240e5d0f56862895b4d9076752e3ee8e65066dff0c

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 3780
cf-request-id: 05b444d1b10000176a072b5200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3fc4b89176a-FRA
expires: Mon, 09 Nov 2020 13:20:46 GMT

GET
H2 200 slider-img-1-1.jpg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 28 KB
28 KB 800ms
799ms Image
image/jpeg 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/slider-img-1-1.jpg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 274db608693ce0c53aa1eff389a78685398df1cf8749a19873363303041c7099

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 28461
cf-request-id: 05b444d2ee0000176a072e6200000001
pragma: public
last-modified: Wed, 09 Sep 2020 13:39:18 GMT
server: cloudflare
etag: "5f58db06-6f2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3fe4841176a-FRA
expires: Mon, 09 Nov 2020 13:20:46 GMT

GET
H2 200 slider-img-2-1.jpg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 9 KB
9 KB 669ms
669ms Image
image/jpeg 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/slider-img-2-1.jpg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c24544cb2f391d0d290c892e196cb16bb79b07313151e7b8c4257d2e6641af25

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 9405
cf-request-id: 05b444d2f20000176a072e7200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-24bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3fe584d176a-FRA
expires: Mon, 09 Nov 2020 13:20:46 GMT

GET
H2 200 slider-img-4-1.jpg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 6 KB
6 KB 662ms
661ms Image
image/jpeg 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/slider-img-4-1.jpg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d47ee7ed8d84b360f5208bac91e4a7e16a6c77a105dcb39628e1348c3f22c1b6

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 5755
cf-request-id: 05b444d3820000176a072fc200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-167b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3ff3a99176a-FRA
expires: Mon, 09 Nov 2020 13:20:46 GMT

GET
H2 200 09-20-16-Lumens-FiveYearWarrantyLogo-500W.jpg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 33 KB
33 KB 30ms
29ms Image
image/jpeg 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/09-20-16-Lumens-FiveYearWarrantyLogo-500W.jpg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c899a2a773bda28f14bf2225906efb74f1ca6851532a732ac99147b9edde3d7

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 77803
status: 200
content-length: 33727
cf-request-id: 05b444d3830000176a072fd200000001
pragma: public
last-modified: Wed, 09 Sep 2020 13:39:15 GMT
server: cloudflare
etag: "5f58db03-83bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3ff3a9d176a-FRA
expires: Sun, 08 Nov 2020 15:44:02 GMT

GET
H2 200 1_2_1024x1024-324x324.jpg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 21 KB
21 KB 795ms
795ms Image
image/jpeg 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/1_2_1024x1024-324x324.jpg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de650feb376ac70af98c3217fc1c2f7b4358cb57d30036169a24fb7ed81a2f1a

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 21159
cf-request-id: 05b444d3a10000176a0730d200000001
pragma: public
last-modified: Wed, 09 Sep 2020 13:39:15 GMT
server: cloudflare
etag: "5f58db03-52a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a3ff6b46176a-FRA
expires: Mon, 09 Nov 2020 13:20:46 GMT

GET
H2 200 visa.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 3 KB
1 KB 657ms
657ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/visa.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 968e6461fb4d98730d287cb18240ce4335657d949567cc5e4a0b22fbc1ac2253

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d4350000176a0733e200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-bcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4005d87176a-FRA
expires: Mon, 09 Nov 2020 13:20:46 GMT

GET
H2 200 amex.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 10 KB
4 KB 647ms
646ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/amex.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff19161f009c7b6d1bb81339dde7f9779cb435730fc435e235f30b6545e5c1b0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d4360000176a0733f200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-28bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4005d8d176a-FRA
expires: Mon, 09 Nov 2020 13:20:46 GMT

GET
H2 200 mastercard.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 12 KB
4 KB 646ms
645ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/mastercard.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e480e251982714fa5ad147d83cfb73fe167c7219bef1e795d050a8803b9b49e3

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d60c0000176a07378200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-306e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4034bce176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 discover.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 5 KB
2 KB 665ms
664ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/discover.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d7f5df589c8182569ccbbf59cce114dd2c12d61dbf5e1d3e46e764fe307c95b

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d6190000176a0737a200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-1350"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4035bf7176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 paypal.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 2 KB
2 KB 640ms
639ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/paypal.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 778e059fe8f739016146681a3997361bd8f25db21ab0a6aa6bae3fa78ee5907f

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1675
cf-request-id: 05b444d6be0000176a07383200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-68b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a4046e5c176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 klarna.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 2 KB
998 B 657ms
656ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/klarna.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d832c8e875ef1de4dde6ae962138f18cc125127046e19742842916f55b3a528

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d6c60000176a07384200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-7e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4047e71176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 securebag-min.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 3 KB
4 KB 647ms
646ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/securebag-min.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee079e5a246f2a8c6e78a6f5445de83d72305fa0b86fdb9638709a6632d53e4

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 3472
cf-request-id: 05b444d7500000176a07388200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-d90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336048"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a405486f176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 guar100.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 30 KB
30 KB 809ms
808ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/guar100.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8812226d7fa38f7897a4eddadefa962b9ac2913194d9a0e49859527405dcb874

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:48 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 30625
cf-request-id: 05b444d8930000176a07399200000001
pragma: public
last-modified: Wed, 09 Sep 2020 13:39:17 GMT
server: cloudflare
etag: "5f58db05-77a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336048"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a4075d97176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 chk-ftr-logo.png
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 4 KB
4 KB 12ms
11ms Image
image/png 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/chk-ftr-logo.png
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c5a1e9fec439c865b9c60c8fbabc3137ce7759c50fcd5d6a449c506e197fd74

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 77805
status: 200
content-length: 3754
cf-request-id: 05b444d8b30000176a0739a200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: "5f4768ff-eaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e00a4078dfb176a-FRA
expires: Sun, 08 Nov 2020 15:44:02 GMT

GET
H2 200 email-decode.min.js Show response
www.buyhearinghero.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
860 B 10ms
9ms Script
application/javascript 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buyhearinghero.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d0560000176a07299200000001
last-modified: Thu, 08 Oct 2020 10:01:47 GMT
server: cloudflare
etag: W/"5f7ee38b-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336045"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5e00a3fa2dfd176a-FRA
expires: Mon, 12 Oct 2020 13:20:45 GMT

GET
H2 200 codebase.min.js Show response
www.buyhearinghero.com/cicv1fr/assets/dist/ 122 KB
41 KB 986ms
980ms Script
application/javascript 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhearinghero.com/cicv1fr/assets/dist/codebase.min.js
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c28ebf57de9463079c6f039b127b7aba94d47be0c23d6bc2d86c13a3edafe921

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d05f0000176a0729c200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:07 GMT
server: cloudflare
etag: W/"5f4768f7-1e932"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336046"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a3fa3e34176a-FRA
expires: Mon, 09 Nov 2020 13:20:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
53 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JDMTWM

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7873eb5bb059bb4eb73722bd01ab3ebd4ebd603cfec092c8701017078bdd4d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53835
x-xss-protection: 0
last-modified: Sat, 10 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Oct 2020 13:20:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JDMTWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2827
date: Sat, 10 Oct 2020 12:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sat, 10 Oct 2020 14:33:38 GMT

GET
H2 200 hotjar-1053226.js Show response
static.hotjar.com/c/ 14 KB
4 KB 85ms
27ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1053226.js?sv=6

Requested by

Host: trophenrogerphency.com
URL: https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress13

Software

Resource Hash

8ac1be47fc3b9a807a99a142d72f0a51441416c749a76be60593de417ca7d153

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjarjs
age: 194
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 3194
cache-control: max-age=60
etag: W/fcfd56c82320416400eb5ac5883cf65c
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.020
accept-ranges: bytes
section-io-id: a5dac0c198ac5b18a8991e75770ef476
section-origin-responded: true

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 38ms
24ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1022952206

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JDMTWM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef347e1c8ed46c842081c308cdbb4807594f13c8b52b22567e9ad2633d685f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37234
x-xss-protection: 0
last-modified: Sat, 10 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Oct 2020 13:20:45 GMT

GET
H2 200 102.svg
cdn.ywxi.net/meter/offer.heartechlabs.com/ 9 KB
4 KB 87ms
45ms Image
image/svg+xml 2600:9000:206e:ee00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/offer.heartechlabs.com/102.svg?ts=undefined&l=en-US

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:ee00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

dbdd089399f6f6ff73194a075c8384f829c772ccad7e59051aa2291d299677e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
age: 358
status: 200
x-cache: Hit from cloudfront
content-type: image/svg+xml; charset=UTF-8
via: 1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: VIE50-C1
content-length: 4201
x-xss-protection: 1; mode=block
x-amz-cf-id: O9QdXGYpcs2KSjseHVKNQJSqMvP97nhjZfBpMcuRAf3VGXGCDjhAjg==
expires: Sat, 10 Oct 2020 14:14:47 GMT

GET
H2 200 202.svg
cdn.ywxi.net/meter/offer.heartechlabs.com/ 19 KB
7 KB 89ms
47ms Image
image/svg+xml 2600:9000:206e:ee00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/offer.heartechlabs.com/202.svg?ts=undefined&l=en-US

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:ee00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
age: 358
status: 200
x-cache: Hit from cloudfront
content-type: image/svg+xml; charset=UTF-8
via: 1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: VIE50-C1
content-length: 7295
x-xss-protection: 1; mode=block
x-amz-cf-id: olHpW_xfQOpR39Jlq11mtWRmOpZ73DrHuo4Wv_MPLwF3sESCXRXk6A==
expires: Sat, 10 Oct 2020 14:14:47 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 81 KB
32 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MLRHJWT&t=gtm2&cid=352101650.1602336045

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

428592aae1e1438d351a1bd88fecf30bc725603141d00f7c38b4e36e38050fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32662
x-xss-protection: 0
last-modified: Sat, 10 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Oct 2020 13:20:45 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 34ms
33ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1022952206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11343
x-xss-protection: 0
server: cafe
etag: 2112904452244658753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Oct 2020 13:20:45 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=441361053&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&ul=en-us&de=UTF-8&dt=Buy%20Hearing%20Hero&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=543188009&gjid=471901513&cid=352101650.1602336045&tid=UA-164662441-1&_gid=1074576545.1602336045&_r=1&gtm=2wg9u15JDMTWM&z=1483166476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.buyhearinghero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.5c0e4f2058317765546a.js Show response
script.hotjar.com/ 356 KB
71 KB 91ms
30ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.5c0e4f2058317765546a.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1053226.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress9
Software: /
Resource Hash: 11729dcde7afe631c0896e56dea9ea9757f3792f2e75d94731d131d6b1aa7dc0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: br
age: 176473
status: 200
section-io-cache: Hit
content-length: 71751
last-modified: Thu, 08 Oct 2020 12:15:41 GMT
etag: "d98fa33f7a73e43f4ccc1d1c7acd2bd2"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.025
section-io-id: 54b4c0fd43955ee55df34e978e5099a3
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-164662441-1&cid=352101650.1602336045&jid=543188009&gjid=471901513&_gid=1074576545.1602336045&_u=aGDAAEACQAAAAC~&z=1401791455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Oct 2020 13:20:45 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.buyhearinghero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1022952206/ 2 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1022952206/?random=1602336045291&cv=9&fst=1602336045291&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c3aedcc19b523e36d9d1bc016af8af44689ea64b4213988e72869b96744421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
289 B 30ms
30ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-164662441-1&cid=352101650.1602336045&jid=543188009&_u=aGDAAEACQAAAAC~&z=528715680

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 29ms
29ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-164662441-1&cid=352101650.1602336045&jid=543188009&_u=aGDAAEACQAAAAC~&z=528715680

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1022952206/ 42 B
137 B 22ms
21ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1022952206/?random=1602336045291&cv=9&fst=1602334800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&fmt=3&is_vtc=1&random=3279380878&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1022952206/ 42 B
153 B 25ms
24ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1022952206/?random=1602336045291&cv=9&fst=1602334800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&fmt=3&is_vtc=1&random=3279380878&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.buyhearinghero.com
Referer: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 09:03:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 447412
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Tue, 05 Oct 2021 09:03:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.buyhearinghero.com
Referer: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 04 Oct 2020 10:13:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 529642
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Mon, 04 Oct 2021 10:13:23 GMT

GET
H2 200 brackets.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 375 B
328 B 643ms
642ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/brackets.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62de9324d4a4ba65269a506e9fba7e2ecb07a09a65aa93f3a59f4a76be92444a

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d8c00000176a0739b200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336048"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4079e28176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 sale-bg.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 394 B
342 B 654ms
653ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/sale-bg.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a84627768d060dbd47d9085e518564cc6807307f3b62a8b511a9b17bfe2feb6e

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d9270000176a073a7200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-18a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336048"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4083f87176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 payment.svg
www.buyhearinghero.com/cicv1fr/app/desktop/images/ 333 KB
89 KB 1145ms
1145ms Image
image/svg+xml 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/images/payment.svg
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf2681e0bf08e9545444a9c7acc666d1b82c399461f96745cba63628661c062

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/app/desktop/css/autoptimize_8bfadd4dd8a99813ff5246af4499b721.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05b444d93f0000176a073aa200000001
pragma: public
last-modified: Thu, 27 Aug 2020 08:04:15 GMT
server: cloudflare
etag: W/"5f4768ff-53349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336048"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5e00a4086fd1176a-FRA
expires: Mon, 09 Nov 2020 13:20:47 GMT

GET
H2 200 initialize Show response
www.buyhearinghero.com/cicv1fr/ajax.php/extensions/checktraffic/ 16 B
371 B 763ms
763ms XHR
application/json 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhearinghero.com/cicv1fr/ajax.php/extensions/checktraffic/initialize
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/assets/dist/codebase.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: */*
Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
status: 200
content-length: 16
cf-request-id: 05b444d4550000176a07353200000001
pragma: no-cache
server: cloudflare
x-microcachable: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 5e00a4008e1c176a-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-764484864

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JDMTWM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db8fe27edcf33e69b5dfdb61d112b3efc6f0466c1de1e5d15b98b2af8d54c9cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37231
x-xss-protection: 0
last-modified: Sat, 10 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Oct 2020 13:20:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 42ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: trophenrogerphency.com
URL: https://trophenrogerphency.com/176401dcff25e929000/ohugetstevehaaa_tn5f7cbde5f1e7b/yftn%7CM21unJj=%7Cg7246%7Cwwwwx%7C0im3p4t%7C48463%7Czzzyrfsszu%7CY%7CM21unJj=%7CPC%7C196c4ji/p3yzp2uipaD1MwqwLzEyAJLlZQR4K3MfK0SwqTy2MGS2oS90owD=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:45 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 02:14:47 GMT
x-msedge-ref: Ref A: CEFBCA4A748C4A33A12C18546F8D21DC Ref B: FRAEDGE1408 Ref C: 2020-10-10T13:20:46Z
status: 200
etag: "80553cb189dd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8318

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100889423-26

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JDMTWM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f3adee78f4d961bead9084fa36ce049a115015f34f680f24a737ced7c08b5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37242
x-xss-protection: 0
last-modified: Sat, 10 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Oct 2020 13:20:46 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/764484864/ 2 KB
2 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/764484864/?random=1602336046210&cv=9&fst=1602336046210&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78dfae80e8d43997490aec569711e66a45e9b6c7ed8a4f87c2d74ef572b6bcfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5DDA 0
0 82ms
25ms Document
text/html 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1053226.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress13
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Response headers

status: 200
date: Sat, 10 Oct 2020 13:20:46 GMT
content-type: text/html
content-length: 851
last-modified: Mon, 28 Sep 2020 12:31:06 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.099
section-origin-responded: true
age: 1038700
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: ecabe15a824a6c0cbb2079340cc3d49e

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=441361053&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&ul=en-us&de=UTF-8&dt=Buy%20Hearing%20Hero&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAAC~&jid=1169044937&gjid=169227213&cid=352101650.1602336045&tid=UA-100889423-26&_gid=1074576545.1602336045&_r=1&gtm=2ou9u1&z=127435413

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.buyhearinghero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1330777.js Show response
static.hotjar.com/c/ 3 KB
2 KB 46ms
45ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1330777.js?sv=6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress13

Software

Resource Hash

1be5fc05b173cd7ab77cbd83b7fb0f0abc14a342a715dbc613eff53071c6cf43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
content-length: 1509
cache-control: max-age=60
etag: W/5e1651e6df8838af1bc0cf689e4b8aa8
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.018
accept-ranges: bytes
section-io-id: b9ee9aaa6bce9a258f743c1b066ca9f1
section-origin-responded: true

GET
H2 204 0
bat.bing.com/action/ 0
147 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26044631&Ver=2&mid=6530a029-e465-4642-9ba3-f92100c0075c&sid=67fc33800afb11ebb02a830722511f09&vid=67fc9d900afb11ebb91ea36a1c759c46&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buy%20Hearing%20Hero&p=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&r=&lt=4098&evt=pageLoad&msclkid=N&sv=1&rn=255623
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Sat, 10 Oct 2020 13:20:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 82326E223C2F4AA280CC4B3A6E4F0FA0 Ref B: FRAEDGE1408 Ref C: 2020-10-10T13:20:46Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/764484864/ 42 B
268 B 28ms
27ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/764484864/?random=1602336046210&cv=9&fst=1602334800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&fmt=3&is_vtc=1&random=1843296901&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/764484864/ 42 B
538 B 46ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/764484864/?random=1602336046210&cv=9&fst=1602334800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&fmt=3&is_vtc=1&random=1843296901&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
469 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-100889423-26&cid=352101650.1602336045&jid=1169044937&gjid=169227213&_gid=1074576545.1602336045&_u=aGDAAUADQAAAAC~&z=245941378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Oct 2020 13:20:46 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.buyhearinghero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1053226/ 178 B
321 B 117ms
42ms XHR
application/json 52.16.35.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1053226/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5c0e4f2058317765546a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.35.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-35-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1022952206/ 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1022952206/?random=1602336046313&cv=9&fst=1602336046313&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da5ef63db87a1bbc214605cb63990620d2e5fa8d737ae3e760b049cc62a3eef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/764484864/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/764484864/?random=1602336046313&cv=9&fst=1602336046313&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/764484864/?random=1602336046313&cv=9&fst=1602334800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java...
https://www.google.de/pagead/1p-user-list/764484864/?random=1602336046313&cv=9&fst=1602334800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=...

42 B
65 B

21ms
20ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/764484864/?random=1602336046313&cv=9&fst=1602334800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&is_vtc=1&random=3734762711&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/764484864/?random=1602336046313&cv=9&fst=1602334800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&is_vtc=1&random=3734762711&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-100889423-26&cid=352101650.1602336045&jid=1169044937&_u=aGDAAUADQAAAAC~&z=1154013312

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-100889423-26&cid=352101650.1602336045&jid=1169044937&_u=aGDAAUADQAAAAC~&z=1154013312

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1022952206/ 42 B
65 B 23ms
22ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1022952206/?random=1602336046313&cv=9&fst=1602334800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&fmt=3&is_vtc=1&random=3939339954&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1022952206/ 42 B
65 B 22ms
21ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1022952206/?random=1602336046313&cv=9&fst=1602334800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.buyhearinghero.com%2Fcicv1fr%2F%3FAFFID%3D13%26C1%3D4527%26C2%3D690370%26C3%3D2-bu0raai279hs98hrbbd0%26click_id%3D1beb352703d342ce8a0c350defb05116&tiba=Buy%20Hearing%20Hero&async=1&fmt=3&is_vtc=1&random=3939339954&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Oct 2020 13:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 place Show response
www.buyhearinghero.com/cicv1fr/ajax.php/extensions/checktraffic/ 0
139 B 732ms
732ms XHR
application/json 2606:4700:3035::681c:1a82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buyhearinghero.com/cicv1fr/ajax.php/extensions/checktraffic/place
Requested by: Host: www.buyhearinghero.com
URL: https://www.buyhearinghero.com/cicv1fr/assets/dist/codebase.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:1a82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.buyhearinghero.com/cicv1fr/?AFFID=13&C1=4527&C2=690370&C3=2-bu0raai279hs98hrbbd0&click_id=1beb352703d342ce8a0c350defb05116
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 13:20:47 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
status: 200
content-length: 0
cf-request-id: 05b444d6490000176a0737f200000001
pragma: no-cache
server: cloudflare
x-microcachable: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602336047"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 5e00a403acd0176a-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.buyhearinghero.com/	1970-01-19 13:05:36	Name: _mcnc Value: 1
			.buyhearinghero.com/	1970-01-19 13:48:48	Name: __cfduid Value: da54cfd720eb1bd05f2a9a0fd991002e71602336047

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bit.ly
cdn.ywxi.net
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
rdtrk201.com
rdtrk554.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tonsampert.com
trophenrogerphency.com
vars.hotjar.com
www.buyhearinghero.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.justnowtrk.com
www.whskysr.com
100.24.154.140
147.75.33.131
147.75.84.91
172.217.21.226
185.80.130.19
2600:9000:206e:ee00:14:6bfc:5740:93a1
2606:4700:3035::681c:1a82
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:814::2008
2a00:1450:4001:816::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81f::200e
2a00:1450:400c:c00::9b
34.107.179.180
35.244.216.24
37.97.228.157
52.16.35.20
54.88.63.181
67.199.248.11
0d0e82fdb94a08e09974db641da9bf42615d891366796c967d3a8bb0b6a3c552
11729dcde7afe631c0896e56dea9ea9757f3792f2e75d94731d131d6b1aa7dc0
1be5fc05b173cd7ab77cbd83b7fb0f0abc14a342a715dbc613eff53071c6cf43
1dece7f2974cc1c3c61688240e5d0f56862895b4d9076752e3ee8e65066dff0c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
274db608693ce0c53aa1eff389a78685398df1cf8749a19873363303041c7099
27c3aedcc19b523e36d9d1bc016af8af44689ea64b4213988e72869b96744421
3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440
3d7f5df589c8182569ccbbf59cce114dd2c12d61dbf5e1d3e46e764fe307c95b
3ee079e5a246f2a8c6e78a6f5445de83d72305fa0b86fdb9638709a6632d53e4
424487aae4f0fd11fae7d817ad5346722fecac20ba8541f02e4105970c294139
428592aae1e1438d351a1bd88fecf30bc725603141d00f7c38b4e36e38050fa8
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4bb65e3d544bbc60ba9eb510e8a1a82aee3b3390f87e8a34a45f5739293c4923
519e3475c5ee8820fd7f314364628b34e30af7420016b6af6e172bff789ebc63
5c5a1e9fec439c865b9c60c8fbabc3137ce7759c50fcd5d6a449c506e197fd74
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62de9324d4a4ba65269a506e9fba7e2ecb07a09a65aa93f3a59f4a76be92444a
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
778e059fe8f739016146681a3997361bd8f25db21ab0a6aa6bae3fa78ee5907f
7873eb5bb059bb4eb73722bd01ab3ebd4ebd603cfec092c8701017078bdd4d57
78dfae80e8d43997490aec569711e66a45e9b6c7ed8a4f87c2d74ef572b6bcfe
7cf2681e0bf08e9545444a9c7acc666d1b82c399461f96745cba63628661c062
7d832c8e875ef1de4dde6ae962138f18cc125127046e19742842916f55b3a528
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8812226d7fa38f7897a4eddadefa962b9ac2913194d9a0e49859527405dcb874
89b96455ba3e699e4b3eaf5b77b81952ed42b4f0596c54ff7d5a8813b8ffa419
8ac1be47fc3b9a807a99a142d72f0a51441416c749a76be60593de417ca7d153
8ae18a155a9880bb2f8a280c77acb06c4d0b0bb691a9cd516764d7ea6475add1
8c899a2a773bda28f14bf2225906efb74f1ca6851532a732ac99147b9edde3d7
968e6461fb4d98730d287cb18240ce4335657d949567cc5e4a0b22fbc1ac2253
9f3adee78f4d961bead9084fa36ce049a115015f34f680f24a737ced7c08b5e2
a61e2ab0c9a9ddf391067043358c11cc869ae67c048b88b0661378efd845a2fa
a84627768d060dbd47d9085e518564cc6807307f3b62a8b511a9b17bfe2feb6e
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b832be6fb6f94309208543a0ec54599684ed25150f9e989d495fee8a96277829
c24544cb2f391d0d290c892e196cb16bb79b07313151e7b8c4257d2e6641af25
c28ebf57de9463079c6f039b127b7aba94d47be0c23d6bc2d86c13a3edafe921
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d47ee7ed8d84b360f5208bac91e4a7e16a6c77a105dcb39628e1348c3f22c1b6
d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12
da5ef63db87a1bbc214605cb63990620d2e5fa8d737ae3e760b049cc62a3eef8
db8fe27edcf33e69b5dfdb61d112b3efc6f0466c1de1e5d15b98b2af8d54c9cd
dbdd089399f6f6ff73194a075c8384f829c772ccad7e59051aa2291d299677e9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de650feb376ac70af98c3217fc1c2f7b4358cb57d30036169a24fb7ed81a2f1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e480e251982714fa5ad147d83cfb73fe167c7219bef1e795d050a8803b9b49e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef347e1c8ed46c842081c308cdbb4807594f13c8b52b22567e9ad2633d685f83
ff19161f009c7b6d1bb81339dde7f9779cb435730fc435e235f30b6545e5c1b0

www.buyhearinghero.com Open in urlscan Pro 2606:4700:3035::681c:1a82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

66 Requests

100 %HTTPS

48 %IPv6

18 Domains

22 Subdomains

15 IPs

6 Countries

811 kBTransfer

2307 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.buyhearinghero.com Open in urlscan Pro
2606:4700:3035::681c:1a82 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

48 %
IPv6

18
Domains

22
Subdomains

15
IPs

6
Countries

811 kB
Transfer

2307 kB
Size

2
Cookies

66 HTTP transactions
0 data transactions