p2a.co Open in urlscan Pro
54.88.233.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://confirmmangi.com/
Effective URL:
https://p2a.co/LiA8xWI
Submission: On August 09 via automatic, source certstream-suspicious (August 9th 2024, 3:45:41 pm UTC) — Scanned from CA

Summary HTTP 77 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 29 IPs in 2 countries across 22 domains to perform 77 HTTP transactions. The main IP is 54.88.233.140, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is p2a.co. The Cisco Umbrella rank of the primary domain is 484638.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 11th 2024. Valid for: a year.

This is the only time p2a.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.218.68 172.67.218.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.88.233.140 54.88.233.140	14618 (AMAZON-AES) (AMAZON-AES)
4	13.32.192.104 13.32.192.104	16509 (AMAZON-02) (AMAZON-02)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	209.85.232.95 209.85.232.95	15169 (GOOGLE) (GOOGLE)
2 2	192.229.163.25 192.229.163.25	15133 (EDGECAST) (EDGECAST)
3	146.75.76.157 146.75.76.157	54113 (FASTLY) (FASTLY)
6	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
3	209.85.201.94 209.85.201.94	15169 (GOOGLE) (GOOGLE)
5	173.194.175.97 173.194.175.97	15169 (GOOGLE) (GOOGLE)
1	142.251.174.95 142.251.174.95	15169 (GOOGLE) (GOOGLE)
2	173.194.175.94 173.194.175.94	15169 (GOOGLE) (GOOGLE)
3	173.194.66.138 173.194.66.138	15169 (GOOGLE) (GOOGLE)
1	18.160.41.53 18.160.41.53	16509 (AMAZON-02) (AMAZON-02)
1	13.32.206.122 13.32.206.122	16509 (AMAZON-02) (AMAZON-02)
4	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
1	54.231.139.24 54.231.139.24	16509 (AMAZON-02) (AMAZON-02)
1	23.33.203.145 23.33.203.145	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	13.249.39.113 13.249.39.113	16509 (AMAZON-02) (AMAZON-02)
3	142.251.174.113 142.251.174.113	15169 (GOOGLE) (GOOGLE)
2	173.194.207.156 173.194.207.156	15169 (GOOGLE) (GOOGLE)
4	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
2	142.251.174.157 142.251.174.157	15169 (GOOGLE) (GOOGLE)
1	69.90.254.51 69.90.254.51	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	172.217.222.154 172.217.222.154	15169 (GOOGLE) (GOOGLE)
2 2	142.251.16.103 142.251.16.103	15169 (GOOGLE) (GOOGLE)
16	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
2 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	52.217.236.97 52.217.236.97	16509 (AMAZON-02) (AMAZON-02)
77	29

1 172.67.218.68 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

confirmmangi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.88.233.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-233-140.compute-1.amazonaws.com

p2a.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.p2a.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.192.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-192-104.iad66.r.cloudfront.net

d2r7nnfg2zsagj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.232.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.163.25 (United States) 2 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.76.157 (Chicago, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.85.201.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.194.175.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.174.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.175.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f94.1e100.net

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.66.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.206.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-206-122.iad66.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.139.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.33.203.145 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-33-203-145.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-113.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.174.113 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f113.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.174.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.51 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.154 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: qi-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.103 (Farmingdale, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.236.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

p2a-images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	6 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 maps.googleapis.com — Cisco Umbrella Rank: 567 ajax.googleapis.com — Cisco Umbrella Rank: 641	270 KB
5	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	48 B
5	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 2631 insight.adsrvr.org — Cisco Umbrella Rank: 1486 match.adsrvr.org — Cisco Umbrella Rank: 505	6 KB
5	gstatic.com fonts.gstatic.com maps.gstatic.com	99 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112 Failed	466 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 9677	254 B
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	349 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	80 KB
4	cloudfront.net d2r7nnfg2zsagj.cloudfront.net	1 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	22 KB
3	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	31 KB
3	twitter.com 2 redirects platform.twitter.com — Cisco Umbrella Rank: 1868 analytics.twitter.com — Cisco Umbrella Rank: 1356	775 B
3	p2a.co p2a.co — Cisco Umbrella Rank: 484638 cdn.p2a.co	172 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	3 KB
2	acuityplatform.com origin.acuityplatform.com — Cisco Umbrella Rank: 38553 e.acuityplatform.com — Cisco Umbrella Rank: 31619	3 KB
2	amazonaws.com s3.amazonaws.com p2a-images.s3.amazonaws.com	160 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
1	t.co t.co — Cisco Umbrella Rank: 979	376 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 8721	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	6 KB
1	confirmmangi.com 1 redirects confirmmangi.com	490 B
77	22

	Domain	Requested by
16	www.facebook.com	p2a.co
6	maps.googleapis.com	p2a.co maps.googleapis.com
5	www.googletagmanager.com	p2a.co www.googletagmanager.com www.google-analytics.com
4	www.google.ca	p2a.co
4	connect.facebook.net	p2a.co connect.facebook.net
4	d2r7nnfg2zsagj.cloudfront.net	p2a.co
3	analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	static.ads-twitter.com	p2a.co
2	match.adsrvr.org	js.adsrvr.org
2	insight.adsrvr.org	2 redirects
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	maps.gstatic.com	p2a.co
2	cdn.p2a.co	p2a.co
2	platform.twitter.com	2 redirects
2	fonts.googleapis.com	p2a.co ajax.googleapis.com
1	p2a-images.s3.amazonaws.com
1	e.acuityplatform.com	origin.acuityplatform.com
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	p2a.co
1	t.co	p2a.co
1	origin.acuityplatform.com	p2a.co
1	s3.amazonaws.com	p2a.co
1	js.adsrvr.org	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ajax.googleapis.com	p2a.co
1	cdn.mxpnl.com	p2a.co
1	cdnjs.cloudflare.com	p2a.co
1	p2a.co
1	confirmmangi.com	1 redirects
77	34

This site contains links to these domains. Also see Links.

Domain
civilrights.org
phone2action.com

Subject Issuer	Validity	Valid
p2a.co Amazon RSA 2048 M03	`2024-03-11` - `2025-04-08`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2024-07-15` - `2025-07-29`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-18` - `2024-08-16`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.acuityplatform.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-04` - `2024-12-04`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://p2a.co/LiA8xWI
Frame ID: FE034D66A9C603AF04FDC1D87DDADF4E
Requests: 75 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=kdlw4sf&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=3qzgwhk&upv=1.1.0
Frame ID: F389346187E47C9DC4B3CB7B2F8D4E27
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=ohx9168&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=6aaifme&upv=1.1.0
Frame ID: 8620DA3EE2D2CBA643001F043BD5440A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fighting for: Fair Courts

Page URL History Show full URLs

https://confirmmangi.com/ HTTP 301
https://p2a.co/LiA8xWI Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

77
Requests

94 %
HTTPS

0 %
IPv6

22
Domains

34
Subdomains

29
IPs

2
Countries

2809 kB
Transfer

9050 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://civilrights.org/terms-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://civilrights.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://phone2action.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://civilrights.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://confirmmangi.com/ HTTP 301
https://p2a.co/LiA8xWI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 30

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 48

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=fhe9CPKdlJIDEL-Fk6gC&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZKA5sbdIPQ8Tg3szziMENqm2bImxk0NSek&pscrd=IhMImsvWxaDohwMVp3BHAR1ZOyOFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8 HTTP 302
https://www.google.com/pagead/1p-conversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=fhe9CPKdlJIDEL-Fk6gC&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImsvWxaDohwMVp3BHAR1ZOyOFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfeixJr3XHJX8wKZJ7GqgNlLGlQXC-0Q&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZLx4DKEL5_bVO9tpe3_LtuQOtMM4-EOhb4&random=3820767386 HTTP 302
https://www.google.ca/pagead/1p-conversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=fhe9CPKdlJIDEL-Fk6gC&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImsvWxaDohwMVp3BHAR1ZOyOFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfeixJr3XHJX8wKZJ7GqgNlLGlQXC-0Q&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZLx4DKEL5_bVO9tpe3_LtuQOtMM4-EOhb4&random=3820767386&ipr=y

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=F048CI6Wt9wBENnAoaQD&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQIIo8WxAkonZXZlbnQtc291cmNlLCB0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZJNfKpgMPAVGXO3cQJbxFMu2PIxUvgtbnk&pscrd=IhMI06_XxaDohwMV0XBHAR1KKhIhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8 HTTP 302
https://www.google.com/pagead/1p-conversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=F048CI6Wt9wBENnAoaQD&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQIIo8WxAkonZXZlbnQtc291cmNlLCB0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI06_XxaDohwMV0XBHAR1KKhIhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfgG2xddsbj6xe7Wlx_2Sg965CT1fbeA&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZK8aqK8ctrdUPEfEzc7xCMJa4ct58bQBIw&random=3578959430 HTTP 302
https://www.google.ca/pagead/1p-conversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=F048CI6Wt9wBENnAoaQD&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQIIo8WxAkonZXZlbnQtc291cmNlLCB0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI06_XxaDohwMV0XBHAR1KKhIhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfgG2xddsbj6xe7Wlx_2Sg965CT1fbeA&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZK8aqK8ctrdUPEfEzc7xCMJa4ct58bQBIw&random=3578959430&ipr=y

Request Chain 72

https://insight.adsrvr.org/track/up?adv=kdlw4sf&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=3qzgwhk&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=kdlw4sf&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=3qzgwhk&upv=1.1.0

Request Chain 73

https://insight.adsrvr.org/track/up?adv=ohx9168&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=6aaifme&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=ohx9168&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=6aaifme&upv=1.1.0

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request LiA8xWI Show response
p2a.co/
Redirect Chain

https://confirmmangi.com/
https://p2a.co/LiA8xWI

124 KB
34 KB

459ms
273ms

Document
text/html

54.88.233.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.233.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-233-140.compute-1.amazonaws.com

Software

Resource Hash

0c3eef77ee3ce863f764967cd78aa25c713f759bae97374b9175f2c210f86d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH
access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 09 Aug 2024 15:45:30 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Accept-Encoding
x-cache-status: MISS
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8b08dfa02ff13870-YYZ
content-length: 167
content-type: text/html
date: Fri, 09 Aug 2024 15:45:29 GMT
expires: Fri, 09 Aug 2024 16:45:29 GMT
location: https://p2a.co/LiA8xWI
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7AoubyfHqNXEBcJZ3oZuKF91Qt4nIUDDs%2B9QgIDh3fQcQjOA4%2FciI1qQ3XKQNvIW0arr2xIZMA%2B0XJ%2FIq2%2BB4M%2FLoLmvymPrqDf3tEWkRV5rlGmxW99m5%2FtYuFSZlelVvEr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 master.css
d2r7nnfg2zsagj.cloudfront.net/css/campaign/aero/ 36 KB
12 KB 716ms
119ms Stylesheet
text/css 13.32.192.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r7nnfg2zsagj.cloudfront.net/css/campaign/aero/master.css?v=1723213663
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.192.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-192-104.iad66.r.cloudfront.net
Software: /
Resource Hash: 3f982050af270c798b7b7a5f782bd443605d046032f0ecdc95ec40402a8eef61

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 14:27:46 GMT
content-encoding: gzip
via: 1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2024 14:24:40 GMT
x-amz-cf-pop: IAD66-C2
age: 4665
etag: W/"66b626a8-9167"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: e7fI6lT5qrlP8se6N8SFpnTplIicjN_pfn7bM2jpk0wZKn5uKLq85Q==

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 466ms
40ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://p2a.co/
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 84005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sOwN52E7I7WabLQJiAT%2BjMP0i%2BC3lvbcd78oPVWYMyDGWidvFGBuysp3iWfiJpW8qCM2HE3qOmtW%2BHQgaykTkAXtfCizLJoCn9HGSH9tzq%2FIMzQd%2F%2F7cOGije0aA0rxpOmEvX5cy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b08dfa7f9ddab64-YYZ
expires: Wed, 30 Jul 2025 15:45:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
913 B 663ms
67ms Stylesheet
text/css 209.85.232.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,600

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f95.1e100.net

Software

ESF /

Resource Hash

ce9881e3ac5dda765ed9fbc009cadd1004709e99b56336e6da68aa527bbe5b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Aug 2024 15:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 15:41:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Aug 2024 15:45:31 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

266ms
101ms

Script
application/javascript

146.75.76.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Server: 146.75.76.157 Chicago, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:31 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kjyo7100139-IAD, cache-chi-kigq8000109-CHI

Redirect headers

Date: Fri, 09 Aug 2024 15:45:31 GMT
Server: ECS (cha/81FD)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 316 KB
103 KB 684ms
90ms Script
text/javascript 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAWFdyujWNf3vMimnLsR1wbRhTpDkJiB_E&callback=Function.prototype

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

5457764c6687be9f93ca7ac877eae2ab9ec969d91e932f086b0b7259137fb57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105462
x-xss-protection: 0

GET
H2 200 manifest.js Show response
d2r7nnfg2zsagj.cloudfront.net/js/campaign/ 5 KB
2 KB 714ms
120ms Script
application/javascript 13.32.192.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r7nnfg2zsagj.cloudfront.net/js/campaign/manifest.js?v=1723213663
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.192.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-192-104.iad66.r.cloudfront.net
Software: /
Resource Hash: cb7cb59ff2b5dc700f153b2f58bc0509aad10055eeea7157a9bcf8d62669f161

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 14:27:46 GMT
content-encoding: br
via: 1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2024 14:24:40 GMT
x-amz-cf-pop: IAD66-C2
age: 4665
etag: W/"66b626a8-128a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3DnvHl-CiEpaPcRcWDEHddq9a0fM7waMKD7sWitC0Gu-3482PQX0lw==

GET
H2 200 vendor.js Show response
d2r7nnfg2zsagj.cloudfront.net/js/campaign/ 5 MB
1 MB 851ms
261ms Script
application/javascript 13.32.192.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r7nnfg2zsagj.cloudfront.net/js/campaign/vendor.js?v=1723213663
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.192.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-192-104.iad66.r.cloudfront.net
Software: /
Resource Hash: 9f92b621b830a315c907b6a8dfaff09a9b8167a367eba2564936ecb8c2ec2f5c

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 14:27:46 GMT
content-encoding: gzip
via: 1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2024 14:24:40 GMT
x-amz-cf-pop: IAD66-C2
age: 4665
etag: W/"66b626a8-4c2db7"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ONEFj1x85_iW6TXG73HOKOaSynf7IvMmkn86hzPVwcgbJe-7LW31Ug==

GET
H2 200 app.js Show response
d2r7nnfg2zsagj.cloudfront.net/js/campaign/ 414 KB
118 KB 709ms
120ms Script
application/javascript 13.32.192.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r7nnfg2zsagj.cloudfront.net/js/campaign/app.js?v=1723213663
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.192.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-192-104.iad66.r.cloudfront.net
Software: /
Resource Hash: f500d0768fa22c507ad4231d71223a73c1b71b24ccaa472ec1da1ae7b37ef706

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 14:27:46 GMT
content-encoding: gzip
via: 1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2024 14:24:41 GMT
x-amz-cf-pop: IAD66-C2
age: 4665
etag: W/"66b626a9-67990"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: B1RY0CGgnA2W1UMhQx6Seu1vUgYBBGbiw_m0etJV2fGUNhkS8o7hWQ==

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 391ms
144ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f1363db8936c4340b85abf3c024ccd868a15175717a0529e1cb883fa217b09e4

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:39:46 GMT
content-encoding: gzip
age: 345
x-guploader-uploadid: AHxI1nPQ6WcPA7z7KtxaIIiA2k-Pv6WN1kl6Nm8-vu_Sz3nLNvQGqKJ_w-Z6Dlp9sGrYwlxbX20
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18965
last-modified: Fri, 02 Aug 2024 22:47:47 GMT
server: UploadServer
etag: "509a98813635113311ff61c358d0831c"
vary: Accept-Encoding
x-goog-generation: 1722638867419324
x-goog-hash: crc32c=iIObjA==, md5=UJqYgTY1ETMR/2HDWNCDHA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=600
x-goog-stored-content-length: 18965
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 09 Aug 2024 15:49:46 GMT

GET
H2 200 f2d9d2914162861f039e8e77ab35c3
cdn.p2a.co/815538/ 113 KB
113 KB 467ms
317ms Image
image/jpeg 54.88.233.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.p2a.co/815538/f2d9d2914162861f039e8e77ab35c3

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.233.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-233-140.compute-1.amazonaws.com

Software

Resource Hash

90db39145ee15046594fbccab95e54a90c4d777fc400ad11bdbe856d0cedd066

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:31 GMT
last-modified: Mon, 10 Aug 2020 18:17:34 GMT
etag: "02e428ca446326db5d2c47899db2e152"
x-cache-status: BYPASS
x-xss-protection: 1; mode=block
content-type: image/jpeg

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 559ms
61ms Font
font/woff2 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 09:23:31 GMT
x-content-type-options: nosniff
age: 541320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Aug 2025 09:23:31 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 182ms
69ms XHR
application/json 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAWFdyujWNf3vMimnLsR1wbRhTpDkJiB_E&callback=Function.prototype

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://p2a.co
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 294 KB
64 KB 83ms
52ms Script
text/javascript 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAWFdyujWNf3vMimnLsR1wbRhTpDkJiB_E&callback=Function.prototype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

sffe /

Resource Hash

22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65163
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Aug 2025 15:43:13 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 180 KB
55 KB 109ms
79ms Script
text/javascript 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAWFdyujWNf3vMimnLsR1wbRhTpDkJiB_E&callback=Function.prototype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

sffe /

Resource Hash

fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Aug 2025 15:29:13 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 98 KB
26 KB 69ms
52ms Script
text/javascript 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAWFdyujWNf3vMimnLsR1wbRhTpDkJiB_E&callback=Function.prototype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

sffe /

Resource Hash

6b37f9e0d5f5b2e8a9ecb857ab9d84056fcac1bee73c1279e85cb63b84bc538e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 14:10:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26198
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Aug 2025 14:10:00 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 47 KB
14 KB 150ms
134ms Script
text/javascript 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAWFdyujWNf3vMimnLsR1wbRhTpDkJiB_E&callback=Function.prototype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

sffe /

Resource Hash

3df66b5168faa329b23a610d6f8933cd12db195d2d3c00639ed42d59fefc4587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 00:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14241
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 00:34:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
102 KB 80ms
76ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDTDWCD

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e062436b07b3d867a9968fdd1488f1b8e4d37b5e6efbc47277aca10011cc3f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103963
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 15:45:33 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 521ms
56ms Script
text/javascript 142.251.174.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f95.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 16:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 16:44:18 GMT

GET
H2 200 ZNkCcEMOog1597357472eTDLwo3JVK
cdn.p2a.co/815538/ 24 KB
24 KB 289ms
288ms Image
image/png 54.88.233.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.p2a.co/815538/ZNkCcEMOog1597357472eTDLwo3JVK

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.233.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-233-140.compute-1.amazonaws.com

Software

Resource Hash

0bbbd9945c82d120065ce8521e1caf2b99496ec8dd2c2f4c9dcde1ccb26d0f58

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
last-modified: Thu, 13 Aug 2020 22:24:33 GMT
etag: "addb57340717e0f92ec25cdf42e4fa54"
x-cache-status: BYPASS
x-xss-protection: 1; mode=block
content-type: image/png

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 343ms
75ms Image
image/png 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Fri, 09 Aug 2024 15:45:33 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 341ms
74ms Image
image/png 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Fri, 09 Aug 2024 15:45:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
95 KB 90ms
74ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GLT5F15268&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTDWCD

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a4d39e6dde57ee2d11a9a710931184f37576f9ccec748ca9c1c0853e954d4e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97479
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Aug 2024 15:45:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 262ms
57ms Script
text/javascript 173.194.66.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTDWCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 14:46:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3529
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 09 Aug 2024 16:46:44 GMT

GET
H2 200 hotjar-1261075.js Show response
static.hotjar.com/c/ 11 KB
5 KB 356ms
159ms Script
application/javascript 18.160.41.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1261075.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTDWCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-53.iad55.r.cloudfront.net

Software

Resource Hash

818a9ed48a156b12cffa63043529fc288e1041e190e012f11bd36b5c6da70dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 15:45:33 GMT
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/a4014a80b9e27155b406d482dd165c65
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: qW0ujbuRKjn5TX5a29vN_KL6oKhy0WVVVvwBpm_PLvCbbp1yyBN0vg==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 76ms
69ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-881352793&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTDWCD

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

335ab9026bf7ae5488901486f253b0d0c7b27b2dfd207f2b69b19ea017a819a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87112
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 15:45:33 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 125ms
118ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-621068991&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTDWCD

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

07cd90baca541c494b1b2d74b33a608e94cbc2218d8d88497e5dbc2f33e259e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87092
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 15:45:33 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 251ms
56ms Script
application/x-javascript 13.32.206.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTDWCD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.206.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-206-122.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 10:43:50 GMT
Content-Encoding: gzip
Via: 1.1 38263cd2a79bbfbde38589f8589f28be.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
Age: 18104
x-amz-server-side-encryption: AES256
ETag: W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 3OB0IMQxO9Fe2ktW3SCvchCt6Cpps5dXSkbPyXGLXFua5QnEMOWAeg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 251ms
56ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 15:45:33 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=12, mss=1316, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: s5ZUeL4rWA1TOQYDTZm0D3FWtObldc+4VUEYivYm546Kp6s8bqJ96gYH7DsJgqK4MtZSHpWH/WsE+wYlUxgVdA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 56ms
37ms Script
application/javascript 146.75.76.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.76.157 Chicago, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000023-IAD, cache-chi-kigq8000109-CHI

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
47 B

57ms
48ms

Script
application/javascript

146.75.76.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: H2
Server: 146.75.76.157 Chicago, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:33 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-type: application/javascript; charset=utf-8
x-cache: HIT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-chi-kigq8000109-CHI

Redirect headers

Date: Fri, 09 Aug 2024 15:45:31 GMT
Server: ECS (cha/81FD)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H/1.1 200
OK main.js Show response
s3.amazonaws.com/sn-lcchr/sanky-modal/js/ 4 KB
4 KB 286ms
92ms Script
application/javascript 54.231.139.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/sn-lcchr/sanky-modal/js/main.js?1723218333726
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 54.231.139.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e75a04e30fda74f5528c7e7c0d40375e358c54a3d6454c4c37edb7fbfb3b541

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 15:45:34 GMT
Last-Modified: Wed, 01 Dec 2021 16:44:11 GMT
Server: AmazonS3
x-amz-request-id: ETVTY5JW1SADWPEX
ETag: "1af92a9f98aff8f11914f72e0bae45f0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3922
x-amz-id-2: D5bew9nWsE09fVWqZNrrPlmLItap3bP6sWTB64Z7F9i92QBd3u8C0vh4vhm1e6xgC9jp9TNXdvA=

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v2/ 2 KB
3 KB 582ms
89ms Script
application/javascript 23.33.203.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v2/pixel.js
Requested by: Host: p2a.co
URL: https://p2a.co/LiA8xWI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.203.145 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-203-145.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 15:45:34 GMT
Last-Modified: Wed, 04 Jan 2023 18:57:40 GMT
Server: nginx/1.14.0
ETag: "63b5cc24-978"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2424

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 92ms
82ms Stylesheet
text/css 209.85.232.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:300,800

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f95.1e100.net

Software

ESF /

Resource Hash

0a7e8c4c234b7d6fe91308aff1f6608bc67c48b6e7cc35f4c66dbd7f58c99594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Aug 2024 15:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 15:45:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Aug 2024 15:45:34 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 351ms
71ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=c8b40a62-e187-4f42-a7ca-824f778af454&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f686d652-9038-4b3b-8a11-a6bd7be9026d&tw_document_href=https%3A%2F%2Fp2a.co%2FLiA8xWI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4osz&type=javascript&version=2.3.30

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 10
date: Fri, 09 Aug 2024 15:45:33 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: ed8bd75199e3b5a8
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 4e824ff66a8cadf1919a9a8613f88c92baced53cbe66c912d352c573c3a5801e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 348ms
96ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=c8b40a62-e187-4f42-a7ca-824f778af454&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f686d652-9038-4b3b-8a11-a6bd7be9026d&tw_document_href=https%3A%2F%2Fp2a.co%2FLiA8xWI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4osz&type=javascript&version=2.3.30

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 7
date: Fri, 09 Aug 2024 15:45:33 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 74b0d02b7640babe
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 42a156cb1c2af45bbe33f91da68093487171fc671cf228f28b18571590025d76
content-length: 43

GET
H2 200 NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/ 30 KB
30 KB 96ms
89ms Font
font/woff2 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:300,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

sffe /

Resource Hash

964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 22:39:31 GMT
x-content-type-options: nosniff
age: 320763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30240
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Aug 2025 22:39:31 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 75ms
67ms Script
text/javascript 173.194.66.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f138.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Aug 2024 16:40:10 GMT

GET
H3 200 NGS6v5_NC0k9P9GYTbFzsQ.woff2
fonts.gstatic.com/s/heebo/v26/ 14 KB
14 KB 167ms
152ms Font
font/woff2 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9GYTbFzsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:300,800

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

sffe /

Resource Hash

e74682daec7a3f1117bc6b7c9f461d1c5d1ff5ae473b2d85a9df22af611a7e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 16:30:14 GMT
x-content-type-options: nosniff
age: 515720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14200
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Aug 2025 16:30:14 GMT

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 338ms
43ms Script
application/javascript 13.249.39.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1261075.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.39.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-39-113.iad89.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1
age: 868948
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _kebzg6NxK05OqSYJQiuCJxjRUdwzwjQpWQs7Mkwu-oZRRXibvXFbw==

POST
H2 204 collect
analytics.google.com/g/ 0
0 315ms
59ms Fetch
text/plain 142.251.174.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GLT5F15268&gtm=45je4880v870093057z8813067846za200zb813067846&_p=1723218331173&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1675792565.1723218334&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723218334&sct=1&seg=0&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&dt=Fighting%20for%3A%20Fair%20Courts&en=page_view&_fv=1&_ss=1&tfd=5814
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GLT5F15268&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.174.113 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qc-in-f113.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://p2a.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 370ms
105ms Ping
text/plain 173.194.207.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GLT5F15268&cid=1675792565.1723218334&gtm=45je4880v870093057z8813067846za200zb813067846&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GLT5F15268&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.207.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qk-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://p2a.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 211ms
119ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GLT5F15268&cid=1675792565.1723218334&gtm=45je4880v870093057z8813067846za200zb813067846&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1275198429

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/621068991/ 3 KB
2 KB 239ms
101ms Script
text/javascript 142.251.174.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/621068991/?random=1723218334509&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=fhe9CPKdlJIDEL-Fk6gC&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-621068991&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f157.1e100.net

Software

cafe /

Resource Hash

07ac1701fa3ca04d4b82e6fa74a3c401962974d3973cdc868f62818d871cf72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1589
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/881352793/ 3 KB
2 KB 82ms
80ms Script
text/javascript 142.251.174.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/881352793/?random=1723218334609&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=F048CI6Wt9wBENnAoaQD&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-881352793&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f157.1e100.net

Software

cafe /

Resource Hash

dbbb28558924ea0b89054f42c9a36538248a734d677b962d05f78bec52155fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1590
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 302459697573196 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 93ms
92ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302459697573196?v=2.9.164&r=stable&domain=p2a.co&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

cee8210d1ca833229982619d11e4a00d0d62209f3688cf60ce6c1fd799397d7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 15:45:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=64, mss=1316, tbw=64394, tp=-1, tpl=-1, uplat=45, ullat=0
pragma: public
x-fb-debug: Pt2OszfyZuPf/PIufTrQ89GLroNugEqAmvICBKsShngdC2CJ205YtQEt1DVwBCiqMiRXKGrTQVdmI9E545PCaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 206ms
206ms XHR
text/plain 173.194.66.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=836673619&t=pageview&_s=1&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&ul=en-ca&de=UTF-8&dt=Fighting%20for%3A%20Fair%20Courts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEAjBAAAACAAI~&jid=2038049579&gjid=331900379&cid=1675792565.1723218334&tid=UA-713341-4&_gid=2074455720.1723218334&_r=1&_slc=1&gtm=45He4880n81NDTDWCDv813067846za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1882754963

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

0632703ccc4859b4f317bb856a9618f16c86d7bfc3bb105d3ad45d32af216260

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://p2a.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pj Show response
e.acuityplatform.com/ 0
131 B 184ms
57ms Script
text/plain 69.90.254.51
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=8149349748553931492&pu=https%3A%2F%2Fp2a.co%2FLiA8xWI&pixelKey=8149349748553931492
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.90.254.51 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H3

200

/
www.google.ca/pagead/1p-conversion/621068991/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1...
https://www.google.com/pagead/1p-conversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=...
https://www.google.ca/pagead/1p-conversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1...

42 B
64 B

80ms
78ms

Image
image/gif

172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=fhe9CPKdlJIDEL-Fk6gC&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImsvWxaDohwMVp3BHAR1ZOyOFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfeixJr3XHJX8wKZJ7GqgNlLGlQXC-0Q&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZLx4DKEL5_bVO9tpe3_LtuQOtMM4-EOhb4&random=3820767386&ipr=y

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/621068991/?random=108024644&cv=11&fst=1723218334509&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=fhe9CPKdlJIDEL-Fk6gC&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImsvWxaDohwMVp3BHAR1ZOyOFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfeixJr3XHJX8wKZJ7GqgNlLGlQXC-0Q&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZLx4DKEL5_bVO9tpe3_LtuQOtMM4-EOhb4&random=3820767386&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/881352793/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l...
https://www.google.com/pagead/1p-conversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w...
https://www.google.ca/pagead/1p-conversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=...

42 B
64 B

80ms
78ms

Image
image/gif

172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=F048CI6Wt9wBENnAoaQD&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQIIo8WxAkonZXZlbnQtc291cmNlLCB0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI06_XxaDohwMV0XBHAR1KKhIhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfgG2xddsbj6xe7Wlx_2Sg965CT1fbeA&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZK8aqK8ctrdUPEfEzc7xCMJa4ct58bQBIw&random=3578959430&ipr=y

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/881352793/?random=1878339655&cv=11&fst=1723218334609&bg=ffffff&guid=ON&async=1&gtm=45be4880z8813067846za201zb813067846&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fp2a.co%2FLiA8xWI&label=F048CI6Wt9wBENnAoaQD&hn=www.googleadservices.com&frm=0&tiba=Fighting%20for%3A%20Fair%20Courts&value=0&npa=0&pscdl=noapi&auid=61966309.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQIIo8WxAkonZXZlbnQtc291cmNlLCB0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI06_XxaDohwMV0XBHAR1KKhIhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOg9odHRwczovL3AyYS5jby8&is_vtc=1&cid=CAQSGwDpaXnfgG2xddsbj6xe7Wlx_2Sg965CT1fbeA&eitems=ChEI8PzWtQYQ9LGvkJGl2aK5ARIdACif1ZK8aqK8ctrdUPEfEzc7xCMJa4ct58bQBIw&random=3578959430&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 301201127601937 Show response
connect.facebook.net/signals/config/ 27 KB
5 KB 126ms
121ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301201127601937?v=2.9.164&r=stable&domain=p2a.co&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

abdf8dbfa98898a7884cbf2670b0b19bad879f63046bc92a49524e6e5aa069ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4355, tp=9, tpl=0, uplat=70, ullat=0
pragma: public
x-fb-debug: 7Z65RBpns2eZqIl485U652mJkfJ+gbZagj4oaLxFmEOWOijICWCjDPwZcoUL0pwbuNw6GSnWV5lhZ8H2hFtTlw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 141ms
44ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302459697573196&ev=PageView&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335042&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723218335038.633928849972049659&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1316, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 227ms
133ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302459697573196&ev=PageView&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335042&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723218335038.633928849972049659&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166394023673599", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1316, tbw=3144, tp=-1, tpl=-1, uplat=76, ullat=0
pragma: no-cache
x-fb-debug: MjC74G8T6HOeuouajD5sQxLQAuh7D9m+A4BapVbKH+ET7+v+uHXO/LPtzVkVHTdl7RfgxmaCUrZA5pNg0+p7Fw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166394023673599"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 67ms
66ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-425830Y881&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1636efa071bfcaaded6998f7d1fd16023967b1de7a52c80ddbdaccb82254bce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:45:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100746
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Aug 2024 15:45:35 GMT

GET
H3 200 262057255010265 Show response
connect.facebook.net/signals/config/ 22 KB
3 KB 107ms
99ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/262057255010265?v=2.9.164&r=stable&domain=p2a.co&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C130%2C123

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

eb53bc124d2495922c4f2ed52c122ddaa4473f4452626d5eee76919249dbf861

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=29, mss=1232, tbw=11651, tp=17, tpl=0, uplat=40, ullat=0
pragma: public
x-fb-debug: AsyDZyneV13N6bYTw36xhleOol4PgXyWNFB1fxQsC10Ya1nR3h0VEl5VtKXGRkdPc3YuMC2shdEFQD3Z8q9+CA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 67ms
42ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301201127601937&ev=PageView&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335201&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=30&ler=empty&cdl=API_unavailable&cs_est=true&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1316, tbw=6507, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 73ms
51ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=301201127601937&ev=PageView&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335201&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=30&ler=empty&cdl=API_unavailable&cs_est=true&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166394250060429", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1316, tbw=6653, tp=-1, tpl=-1, uplat=18, ullat=0
pragma: no-cache
x-fb-debug: kXGC6K26kMxScvG/Fnqp3H6BOAwxKKOZ418wXAXoD3pzjphWK5fuk7ILtXEuXlUf2bVTJjsbuaLtLL9qiOTm8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166394250060429"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 49ms
45ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302459697573196&ev=Page%20View&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335334&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723218335038.633928849972049659&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=4351, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 82ms
69ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302459697573196&ev=Page%20View&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335334&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723218335038.633928849972049659&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166393246912799", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=10063, tp=34, tpl=0, uplat=20, ullat=0
pragma: no-cache
x-fb-debug: B978PSMw1LTHNO7UjhddYq/U3sTLkhTRQjzFn9h3uucqQS0fwRSjj2OioIR2IXXElGJ9FiFN7//SnJzxwHnjhg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166393246912799"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 62ms
48ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301201127601937&ev=Page%20View&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335335&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=4863, tp=15, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 102ms
88ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=301201127601937&ev=Page%20View&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335335&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 57
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166394221337971", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=12927, tp=37, tpl=0, uplat=26, ullat=0
pragma: no-cache
x-fb-debug: TpI4xUAXzaR2if+HuvFRkqri9qGISHYHH9H7410q/sgLut7+nnEmovucsmhYv0Wiosn2Hx8lWPcRf29fLoYmpg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166394221337971"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 63ms
50ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262057255010265&ev=Page%20View&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335345&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=5023, tp=17, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 89ms
75ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=262057255010265&ev=Page%20View&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335345&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 57
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166393202795931", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=12047, tp=36, tpl=0, uplat=22, ullat=0
pragma: no-cache
x-fb-debug: p/9cd9HupXkb8aqIpJ6AV7nMinhOolGg0I5dq+wzcO/szc3brQZKhoqf4hGrIHMcG7v2uLQMeqFaqkdwXZA6QQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166393202795931"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 62ms
48ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302459697573196&ev=Civil%20Rights%20Homepage_PageView_2022_FB&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335348&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723218335038.633928849972049659&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=5375, tp=23, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 80ms
67ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302459697573196&ev=Civil%20Rights%20Homepage_PageView_2022_FB&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335348&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723218335038.633928849972049659&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 55
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166393995081975", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=9183, tp=33, tpl=0, uplat=16, ullat=0
pragma: no-cache
x-fb-debug: iNR6IOdfT6S15mYualDbH5el7AFKovpQkiKbKzSLHVqBsGd01c6K1HGEH/TKslA62L7NfKxQjlSQSVaelh6z/g==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166393995081975"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 69ms
56ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301201127601937&ev=Civil%20Rights%20Homepage_PageView_2022_FB&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335349&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=5615, tp=26, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 78ms
65ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=301201127601937&ev=Civil%20Rights%20Homepage_PageView_2022_FB&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335349&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166393439172216", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=5935, tp=30, tpl=0, uplat=15, ullat=0
pragma: no-cache
x-fb-debug: qRsX/f7u0EdLd3/rY+g/1TxNi3OAocs7gmPfcrwj3WkL4b1/UFCHkDRbbvIKAq6p0MKS/CJTNB6eCJIYwZxaDA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166393439172216"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 68ms
56ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262057255010265&ev=Civil%20Rights%20Homepage_PageView_2022_FB&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335349&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=5775, tp=28, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 15:45:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 85ms
72ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=262057255010265&ev=Civil%20Rights%20Homepage_PageView_2022_FB&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&rl=&if=false&ts=1723218335349&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=30&ler=empty&cdl=API_unavailable&it=1723218334864&coo=false&rqm=FGET

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 15:45:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401166393229197395", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=10943, tp=35, tpl=0, uplat=18, ullat=0
pragma: no-cache
x-fb-debug: Y3NV0M6qjQJYVA6x6AUl+ZCc50f7Mirh1RKh4l3Jp23wLV6aUf3fwaoV9JGksymgVtVagmvbgNos42OT1QPpAw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401166393229197395"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 111ms
67ms Fetch
text/plain 142.251.174.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-425830Y881&gtm=45je4880v9135730845za200&_p=1723218331173&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=1675792565.1723218334&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&dt=Fighting%20for%3A%20Fair%20Courts&sid=1723218335&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7066
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-425830Y881&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.174.113 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qc-in-f113.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://p2a.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 108ms
65ms Ping
text/plain 173.194.207.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-425830Y881&cid=1675792565.1723218334&gtm=45je4880v9135730845za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-425830Y881&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.207.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qk-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://p2a.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 152ms
122ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-425830Y881&cid=1675792565.1723218334&gtm=45je4880v9135730845za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0&tag_exp=0&z=983695262

Requested by

Host: p2a.co
URL: https://p2a.co/LiA8xWI

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame F389
Redirect Chain

https://insight.adsrvr.org/track/up?adv=kdlw4sf&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=3qzgwhk&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=kdlw4sf&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=3qzgwhk&upv=1.1.0

0
0

82ms
63ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=kdlw4sf&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=3qzgwhk&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://p2a.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 09 Aug 2024 15:45:36 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 261
date: Fri, 09 Aug 2024 15:45:36 GMT
location: https://match.adsrvr.org/track/upb/?adv=kdlw4sf&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=3qzgwhk&upv=1.1.0
server: Kestrel

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame 8620
Redirect Chain

https://insight.adsrvr.org/track/up?adv=ohx9168&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=6aaifme&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=ohx9168&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=6aaifme&upv=1.1.0

0
0

82ms
62ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=ohx9168&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=6aaifme&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://p2a.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 09 Aug 2024 15:45:36 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 261
date: Fri, 09 Aug 2024 15:45:36 GMT
location: https://match.adsrvr.org/track/upb/?adv=ohx9168&ref=https%3A%2F%2Fp2a.co%2FLiA8xWI&upid=6aaifme&upv=1.1.0
server: Kestrel

GET
H/1.1 200
OK 8Aq0PQ2BfnWHHBfFUJ9m15965711526436
p2a-images.s3.amazonaws.com/production/customers/2471/ 155 KB
155 KB 533ms
147ms Other
image/jpeg 52.217.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p2a-images.s3.amazonaws.com/production/customers/2471/8Aq0PQ2BfnWHHBfFUJ9m15965711526436
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.217.236.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a444687a378359ceb8e259f6e886ca6441a68b898ad4f2ece1346320f0e5692

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 15:45:37 GMT
x-amz-version-id: eT4_SSpoLlpbwjFe5SZajnLQx.UoVpQL
Last-Modified: Tue, 04 Aug 2020 19:59:13 GMT
Server: AmazonS3
x-amz-request-id: K3BVVF97T8QBY7CM
ETag: "72e992c5fa2e22c83cfcf1abf1889fbf"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 158631
x-amz-id-2: 7N+JLmNDEkVAlNSp1bEgxw5kAohW6/CbPyaKOV6bHpVOJonVvCCqYR2Ee6yDoJ38j3d6QjIg9i8=

POST
H3 204 collect
analytics.google.com/g/ 0
0 52ms
51ms Fetch
text/plain 142.251.174.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GLT5F15268&gtm=45je4880v870093057z8813067846za200zb813067846&_p=1723218331173&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1675792565.1723218334&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1723218334&sct=1&seg=0&dl=https%3A%2F%2Fp2a.co%2FLiA8xWI&dt=Fighting%20for%3A%20Fair%20Courts&en=%5Bobject%20Object%5D&_et=25&tfd=10855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GLT5F15268&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.174.113 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qc-in-f113.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 15:45:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://p2a.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5JN975

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
p2a.co/	1970-01-20 22:40:20	Name: XSRF-TOKEN Value: eyJpdiI6ImduTEdTRVZHZldFUTN0R0ExUXRtMFE9PSIsInZhbHVlIjoieDE1VkZcL3hVSCtCR2l1b0ZJNjRFZXl3cU96NHJ0RFR4WlpYb2pYYnpNOFdKcExYRmxuRnhPWjhTTGl1SjN5NW4iLCJtYWMiOiI2NmIwOWU1OTgzYThkYWY0NTQ0MDI4NTQ3Y2MxODZiZmMyMTg5MTg2MDNjMDI1N2M1MDUyOGZjOTVjMDliODA4In0%3D
p2a.co/	1969-12-31 23:59:59	Name: phone2action-production Value: eyJpdiI6ImI1MTFKSTdOVzNkSFwvcGpJVTFQMXFnPT0iLCJ2YWx1ZSI6IjYxRyttYlwvazRKaHdtZUFlQXJoN0wzdFgrMmptNnZWNGxjdjV1YnRSVlpqYUNlcFVvWExTc0hheStwVmczWnZtIiwibWFjIjoiMDMyOTEyYzJjMmRlMzRjOTNlYWNhYzhiMWRmNWM4ODhmYTU4ZTJlMWRhNDk2ZWM0MWQ2ZGIyOGUwZWM0MGRmYSJ9
.p2a.co/	1970-01-21 07:25:54	Name: mp_f2eda7e4cc64587235ae3ee4ffd1dc1c_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A19137d10858c66-0c6f5bb176c5cb-10462c6f-1d4c00-19137d10859c66%22%2C%22%24device_id%22%3A%20%2219137d10858c66-0c6f5bb176c5cb-10462c6f-1d4c00-19137d10859c66%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.p2a.co/	1970-01-21 00:49:54	Name: _gcl_au Value: 1.1.61966309.1723218334
.p2a.co/	1970-01-20 22:41:44	Name: _gid Value: GA1.2.2074455720.1723218334
.p2a.co/	1970-01-21 08:16:18	Name: _ga Value: GA1.1.1675792565.1723218334
.twitter.com/	1970-01-21 08:16:18	Name: personalization_id Value: "v1_kqL21dzGnuL7exy2CuOSOw=="
.t.co/	1970-01-21 08:16:18	Name: muc_ads Value: a0f38f66-e4e5-47da-9791-7ca2ba4654e2
.p2a.co/	1970-01-21 08:16:18	Name: _ga_GLT5F15268 Value: GS1.1.1723218334.1.0.1723218334.60.0.0
.p2a.co/	1970-01-20 22:40:18	Name: _gat_UA-713341-4 Value: 1
.p2a.co/	1970-01-21 07:25:54	Name: _hjSessionUser_1261075 Value: eyJpZCI6IjU5NDNhMGU3LTI0ZTUtNTQyOC1iYWM4LWEzNjYyMzRlNDcxMSIsImNyZWF0ZWQiOjE3MjMyMTgzMzQ5OTUsImV4aXN0aW5nIjp0cnVlfQ==
.p2a.co/	1970-01-20 22:40:20	Name: _hjSession_1261075 Value: eyJpZCI6IjRkYmNkMzRmLWI4ZDMtNGRmMi1hODAzLTQxMGZmMGExNmEwMSIsImMiOjE3MjMyMTgzMzQ5OTcsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.p2a.co/	1970-01-21 00:49:54	Name: _fbp Value: fb.1.1723218335038.633928849972049659
.acuityplatform.com/	1970-01-21 07:25:54	Name: auid Value: 1026390300915
.p2a.co/	1970-01-21 08:16:18	Name: _ga_425830Y881 Value: GS1.2.1723218335.1.0.1723218335.60.0.0
.adsrvr.org/	1970-01-21 07:25:54	Name: TDID Value: d6db60da-3ef3-4571-aee6-80f2c398493e
.doubleclick.net/	1970-01-21 08:16:18	Name: IDE Value: AHWqTUktSpOoklKzQvlnuueNfXIXwYg1UxiIfqQuKbIcq2OpAy_imFmrXg1Ru-4ge-I
.bluekai.com/	1970-01-21 03:05:15	Name: bku Value: YCD99vW8+ZSwUgQg
.bluekai.com/	1970-01-21 03:05:15	Name: bkpa Value: KJy9Z9O7d02pSUHknpDpmeRdSVx2jejARMRyjsW+1tPZ1066BEzhnVakjER+meOZ1Z1pmEQ6mEBkJZ5Azc/21Yj7jcO0UtBFq7Bkq7x2J7Jkjsk0wVC65cOpJEBOJEJsJEJsqVa6RtQrRVHpz7j0nZ20j0D0H7H0RVBgJEJsRtNZJEJsjtPrjUJoR0DpH7H6ja2ySVxk16HiqcPkStao9y9UPMav
.dpm.demdex.net/	1970-01-21 02:59:30	Name: dpm Value: 04377573081475497331214607708029884951
.demdex.net/	1970-01-21 02:59:30	Name: demdex Value: 04377573081475497331214607708029884951
.adsrvr.org/	1970-01-21 07:25:54	Name: TDCPM Value: CAESEwoEa3J1eBILCJjfw4SLpZw9EAUSEgoDYWFtEgsIjvzDhIulnD0QBRIWCgdibHVla2FpEgsIjKDEhIulnD0QBRIVCgZnb29nbGUSCwiw1OWMi6WcPRAFGAUgAygDMgsI-LvGsaGlnD0QBTgBQgQiAggBWgdrZGx3NHNmYAE.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
analytics.twitter.com
cdn.mxpnl.com
cdn.p2a.co
cdnjs.cloudflare.com
confirmmangi.com
connect.facebook.net
d2r7nnfg2zsagj.cloudfront.net
e.acuityplatform.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
maps.googleapis.com
maps.gstatic.com
match.adsrvr.org
origin.acuityplatform.com
p2a-images.s3.amazonaws.com
p2a.co
platform.twitter.com
s3.amazonaws.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagmanager.com
104.17.25.14
104.244.42.131
13.249.39.113
13.32.192.104
13.32.206.122
142.251.16.103
142.251.174.113
142.251.174.157
142.251.174.95
146.75.76.157
15.197.193.217
157.240.229.1
157.240.229.35
172.217.222.154
172.253.63.94
172.253.63.95
172.67.218.68
173.194.175.94
173.194.175.97
173.194.207.156
173.194.66.138
18.160.41.53
192.229.163.25
209.85.201.94
209.85.232.95
23.33.203.145
35.186.235.23
52.217.236.97
54.231.139.24
54.88.233.140
69.90.254.51
72.21.81.130
0632703ccc4859b4f317bb856a9618f16c86d7bfc3bb105d3ad45d32af216260
07ac1701fa3ca04d4b82e6fa74a3c401962974d3973cdc868f62818d871cf72c
07cd90baca541c494b1b2d74b33a608e94cbc2218d8d88497e5dbc2f33e259e2
0a7e8c4c234b7d6fe91308aff1f6608bc67c48b6e7cc35f4c66dbd7f58c99594
0bbbd9945c82d120065ce8521e1caf2b99496ec8dd2c2f4c9dcde1ccb26d0f58
0c3eef77ee3ce863f764967cd78aa25c713f759bae97374b9175f2c210f86d45
1636efa071bfcaaded6998f7d1fd16023967b1de7a52c80ddbdaccb82254bce0
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
2e75a04e30fda74f5528c7e7c0d40375e358c54a3d6454c4c37edb7fbfb3b541
335ab9026bf7ae5488901486f253b0d0c7b27b2dfd207f2b69b19ea017a819a8
3df66b5168faa329b23a610d6f8933cd12db195d2d3c00639ed42d59fefc4587
3f982050af270c798b7b7a5f782bd443605d046032f0ecdc95ec40402a8eef61
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
5457764c6687be9f93ca7ac877eae2ab9ec969d91e932f086b0b7259137fb57e
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6b37f9e0d5f5b2e8a9ecb857ab9d84056fcac1bee73c1279e85cb63b84bc538e
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
818a9ed48a156b12cffa63043529fc288e1041e190e012f11bd36b5c6da70dbb
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533
8a444687a378359ceb8e259f6e886ca6441a68b898ad4f2ece1346320f0e5692
90db39145ee15046594fbccab95e54a90c4d777fc400ad11bdbe856d0cedd066
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
9f92b621b830a315c907b6a8dfaff09a9b8167a367eba2564936ecb8c2ec2f5c
a4d39e6dde57ee2d11a9a710931184f37576f9ccec748ca9c1c0853e954d4e48
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abdf8dbfa98898a7884cbf2670b0b19bad879f63046bc92a49524e6e5aa069ca
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb7cb59ff2b5dc700f153b2f58bc0509aad10055eeea7157a9bcf8d62669f161
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce9881e3ac5dda765ed9fbc009cadd1004709e99b56336e6da68aa527bbe5b2a
cee8210d1ca833229982619d11e4a00d0d62209f3688cf60ce6c1fd799397d7e
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dbbb28558924ea0b89054f42c9a36538248a734d677b962d05f78bec52155fb2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e062436b07b3d867a9968fdd1488f1b8e4d37b5e6efbc47277aca10011cc3f9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74682daec7a3f1117bc6b7c9f461d1c5d1ff5ae473b2d85a9df22af611a7e99
eb53bc124d2495922c4f2ed52c122ddaa4473f4452626d5eee76919249dbf861
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1363db8936c4340b85abf3c024ccd868a15175717a0529e1cb883fa217b09e4
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f500d0768fa22c507ad4231d71223a73c1b71b24ccaa472ec1da1ae7b37ef706
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506

p2a.co Open in urlscan Pro 54.88.233.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

94 %HTTPS

0 %IPv6

22 Domains

34 Subdomains

29 IPs

2 Countries

2809 kBTransfer

9050 kBSize

22 Cookies

4 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

p2a.co Open in urlscan Pro
54.88.233.140 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

94 %
HTTPS

0 %
IPv6

22
Domains

34
Subdomains

29
IPs

2
Countries

2809 kB
Transfer

9050 kB
Size

22
Cookies

77 HTTP transactions
0 data transactions