winads.eraofecom.org Open in urlscan Pro
2606:4700:3031::6815:2bfa  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response winads.eraofecom.org/	9 KB 3 KB	239ms 97ms	Document text/html	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 019d5a758ef0ec4f5e82371fb8344d654b8a099da49d9deaed013fa824d18d5f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control private, must-revalidate cf-cache-status DYNAMIC cf-ray 8a19e1cf4d9339fc-YYZ content-encoding br content-type text/html; charset=UTF-8 date Thu, 11 Jul 2024 15:38:42 GMT expires -1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3Fdw04dORMkSdF6kkjHxVhSdG0tPXVca%2BtDgHi3daqw%2FbE2V8yGtKALcnrALky%2FNuPp73dAGh9j7ILJeX40bsIC9Na5PZ%2BeR11uSw9TjJz7JCY9cfIwdi%2F7Rfov2HZyag9b0zkbsUdgn07vDIsoriA4Gg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	2 KB 907 B	456ms 103ms	Stylesheet text/css	2607:f8b0:400d:c0e::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Quicksand:500,700&display=swap Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a61cf45a430e0e49e28f22b88b6d7fe99febd6dd4e2516d8269c8e5fa3f14d2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 11 Jul 2024 15:38:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 11 Jul 2024 15:38:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Jul 2024 15:38:42 GMT
GET H3	200	slim.css winads.eraofecom.org/css/	7 KB 3 KB	50ms 48ms	Stylesheet text/css	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/css/slim.css Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad6a73a3f0fe90a7490cf059ca49d0600e4db67d3124cc24d30f8cc4d51716c6 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:42 GMT content-encoding gzip cf-cache-status MISS last-modified Fri, 05 Nov 2021 06:16:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1c0f-5d00496873586-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7m05AAKjQc0OtknL26JdLoblfZZr6Md81uhAwc1sm6pWgfvKAN1sqHoxw5tk4prasHU5J0BuGFxxO7PJJ5zdT8o9mL32gmZdUi8RclHa8%2Ba2PfMapBP%2BxwSPl1P%2F%2F77CIb%2FFn2mVVes%2FcFQZ2j2bVd96tg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 8a19e1cffe3d39fc-YYZ alt-svc h3=":443"; ma=86400 content-length 2116
GET H3	200	includes.js Show response winads.eraofecom.org/js/	4 KB 2 KB	78ms 76ms	Script application/javascript	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/js/includes.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ebe0a2693e7fa369a7c3533505cc9f6941ed56739d4f0945c8f3c38ee2cf9df Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:42 GMT content-encoding gzip cf-cache-status MISS last-modified Sat, 31 Dec 2022 07:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1070-5f11aa1b9dc8b-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQBG%2BN3b5cKNXVgun8C6PNTdmjySZH0QMHLOgGbQEKGmTEHTa7Zot9zVGjgnk%2FdfNW8vNITgAJImUkEdgPBlL7z%2BK4D%2F%2BRGoF7mwnh0gWgon5odw7bmd%2B%2B2Nc0iJS9rmpkjM7NQ2J4dkJhMWC0eLH3YH6g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8a19e1cffe3e39fc-YYZ alt-svc h3=":443"; ma=86400 content-length 1537
GET H3	200	Tracker.js Show response winads.eraofecom.org/js/	5 KB 2 KB	48ms 46ms	Script application/javascript	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/js/Tracker.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01aa9690b4812e3948f0378c8f6085d2102c8cf5d1aba7ce8939fbed16e0e034 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:42 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 19 Jul 2020 16:19:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "133c-5aacdc06cc8b7-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WgK6k4kVHCsEhxgxFTaJtMUU%2FqLU9og3d8m4sEWNGcT15v6DdNRUCH0uD6IBFbax20UrPUTpuqkPaEf55EMLYLGqKqnpef2F1oUTaXD567YXaEoDQ9lB66sUJzO2S%2Bj3%2FkaPPK%2FwVJTqJBB%2Bj7Y5N1m2sg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8a19e1cffe4139fc-YYZ alt-svc h3=":443"; ma=86400 content-length 1190
GET H3	200	imports.css winads.eraofecom.org/css/	560 KB 67 KB	78ms 76ms	Stylesheet text/css	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/css/imports.css Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06ce24ee44c2013804799b6d895751b845bd969ddd53f5b3384c59741567ae84 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:42 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 06 Sep 2023 11:54:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "8c049-604af66cd30c1-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2XN6hwaF6cs0VyeyYxNDmZGnfN7ncNKz%2BK5byYgqiGw1RfW%2BQUMFF9mbBfaYPbMb9o56JkRJsuTqvRsLUKL4CG2bqp79NveB8AUprGJYlneZ%2FB88T5vbet8rtGp8W5y4JTPogRBhZXqdFrGidO4ZcXTLg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a19e1cffe4239fc-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	plans.css winads.eraofecom.org/css/	32 KB 7 KB	80ms 78ms	Stylesheet text/css	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/css/plans.css Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23f59a1062708b80e63dfc8d8ac52fa5987eacd312f61ffe02d279699a5bc879 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:42 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 04 Jul 2022 08:28:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "8145-5e2f6843b12c5-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Opact9YVrPybJvRmtzk3%2BrhxrbeKtsR5VVlugxmDV%2BZlzOaqAurrXUiBS%2BUmmQl49z%2FSgXjsw8LdItiRmNgAN81gtYlQUzj4zyrZe8GT1vXjDUEFZC7vwkknc%2BnjxjwBMwNEI9%2BSzl8SMXYgq70fGoGmQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 8a19e1cffe4539fc-YYZ alt-svc h3=":443"; ma=86400 content-length 6260
GET H3	200	winAds-landscape-lg-b.png winads.eraofecom.org/images/	21 KB 22 KB	51ms 50ms	Image image/png	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winads.eraofecom.org/images/winAds-landscape-lg-b.png Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8838619a3e9a8a87b8636f8d91ddb682fafb12ca5aa630804ae83f9f7451e773 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:42 GMT cf-cache-status MISS last-modified Tue, 09 Feb 2021 10:26:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5517-5bae4b9fcefb5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FFvf41Nbn%2F%2BGTahfAMqUkAjtkZoV0kSz%2FiDfYbOm1B5S4%2Bs%2FGLid8NlwBja%2BwyPZEEsaaeyrxirki7iEjmnepRbgUZw6R0GLiKH5jLOcYGUKk3bMHFAK7buWRWmxpLn2aKnl2SgvNBtOxw%2Bac7JmFx07Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a19e1cffe4739fc-YYZ alt-svc h3=":443"; ma=86400 content-length 21783
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	252ms 76ms	Script text/javascript	2607:f8b0:4004:c07::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/js/includes.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::71 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 11 Jul 2024 14:13:32 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 5111 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 11 Jul 2024 16:13:32 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	223 KB 60 KB	236ms 68ms	Script application/x-javascript	2a03:2880:f003:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/js/includes.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 11 Jul 2024 15:38:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58653 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=13, mss=1392, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug 7eQ1UwIR3Ttgi4z6VMNpAoglwiMBXdFwR/YYFWc4p25JPqaWmqmMTsl5OvQz2SXjxlhoeiFywQaa2uyjMwyWHg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hotjar-1647270.js Show response static.hotjar.com/c/	9 KB 4 KB	865ms 379ms	Script application/javascript	18.160.41.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1647270.js?sv=6 Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/js/includes.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.41.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-41-112.iad55.r.cloudfront.net Software / Resource Hash 77c62a43bc01e4a073c0324bfb5bd1a2d5d45fa6cfe409bb2ff9ac10f44eb317 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:43 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 2174e600dd54879ba9f49d0337eeb2dc.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P1 etag W/3c794e0ff9803a921875ea23669200fc vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id 3Pt6qFV2cL4UPvFqjZ5USDOmnwbJP7glj5ioIrJubM_AXhujF3Xkdg==
GET H3	200	hexa2.jpg winads.eraofecom.org/images/	45 KB 45 KB	68ms 68ms	Image image/jpeg	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winads.eraofecom.org/images/hexa2.jpg Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/css/slim.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6338966d4d001672199b791b3255ae315202bcd91e1f97112e38ffa61f36e099 Request headers Referer https://winads.eraofecom.org/css/slim.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:43 GMT cf-cache-status MISS last-modified Fri, 24 Jul 2020 15:18:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b26d-5ab317b38d830" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpFhAxWBbCyPrEkkeZZFbgjy1WasF76c4jCgmUIg96Pv0QOpmojb%2Fs8zTGypqgk03LVhVygEnXPi4t48ZYJLJYlai6zTKtqj9Ah0vf3kqCQIrIrd0QyHhgbDHqG1h8kduhJppLPONIFLvbmH0VZWW4tYEQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8a19e1d2f94e39fc-YYZ alt-svc h3=":443"; ma=86400 content-length 45677
GET H2	200	6xKtdSZaM9iE8KbpRA_hK1QN.woff2 fonts.gstatic.com/s/quicksand/v31/	27 KB 28 KB	838ms 387ms	Font font/woff2	2607:f8b0:400d:c0d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Quicksand:500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://winads.eraofecom.org User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 11:40:06 GMT x-content-type-options nosniff age 273517 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28064 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:22:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 08 Jul 2025 11:40:06 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 212 B	58ms 56ms	XHR text/plain	2607:f8b0:4004:c07::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1676626666&t=pageview&_s=1&dl=https%3A%2F%2Fwinads.eraofecom.org%2F&ul=en-ca&de=UTF-8&dt=Win%20Ads&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=968814940&gjid=611191804&cid=1720446132.1720712323&tid=UA-126210467-2&_gid=1894339488.1720712323&_r=1&_slc=1&z=974494506 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::71 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 11 Jul 2024 15:38:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://winads.eraofecom.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1476784645704645 Show response connect.facebook.net/signals/config/	58 KB 12 KB	152ms 151ms	Script application/x-javascript	2a03:2880:f003:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1476784645704645?v=2.9.161&r=stable&domain=winads.eraofecom.org&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ddd049d8856fca1bc077d2a36e89af0d9e989fda9c2a8a34117cf0dc5ae41351 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 11 Jul 2024 15:38:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=32, rtx=0, c=62, mss=1392, tbw=64170, tp=-1, tpl=-1, uplat=105, ullat=0 pragma public x-fb-debug nBb9C2gZrN7CMb92cnslHZ34pCaFr19bobjotMhzs0dUDy+GOWGvdFL/Q2bwFr3NtlbAcm8RWYv7e2olihN1uA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 275 B	567ms 70ms	Image text/plain	2a03:2880:f103:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1476784645704645&ev=PageView&dl=https%3A%2F%2Fwinads.eraofecom.org%2F&rl=&if=false&ts=1720712323522&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720712323520.127496494939818373&ler=empty&cdl=API_unavailable&it=1720712323320&coo=false&rqm=GET Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=2790, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 11 Jul 2024 15:38:44 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	700ms 204ms	Image image/png	2a03:2880:f103:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1476784645704645&ev=PageView&dl=https%3A%2F%2Fwinads.eraofecom.org%2F&rl=&if=false&ts=1720712323522&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720712323520.127496494939818373&ler=empty&cdl=API_unavailable&it=1720712323320&coo=false&rqm=FGET Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcd4e2726515decd0","source_keys":["1","2"]},{"key_piece":"0x1263b70e52779ddb","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding br x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Thu, 11 Jul 2024 15:38:44 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390403157898965778", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=3109, tp=-1, tpl=-1, uplat=141, ullat=0 pragma no-cache x-fb-debug LCPHEW4asbmf/2iQnL2VVr0PlIDuJZXLX4n8iax4UTAJwAyCPzUV0CFg0Zcn4V+984YTppDinvonPLr8m4kiuQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390403157898965778"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	modules.e4b2dc39f985f11fb1e4.js Show response script.hotjar.com/	223 KB 56 KB	354ms 83ms	Script application/javascript	99.84.191.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1647270.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.191.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-191-81.iad89.r.cloudfront.net Software / Resource Hash 619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 01 Jul 2024 08:11:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 6c2e384f59feb64a0c739aee7f890066.cloudfront.net (CloudFront) x-amz-cf-pop IAD89-C2 age 890857 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56291 last-modified Mon, 01 Jul 2024 08:10:34 GMT etag "ca025d2d8ae4b3dc51e058b782590501" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id PQcPH0JCEwAuHi18T9tdLMYDtoQbePaZK6T5jpKuSk_BHZX3UeXgAw==
POST H2	200	/ Show response content.hotjar.io/	56 B 172 B	798ms 260ms	XHR application/json	52.208.243.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?site_id=1647270&gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.208.243.88 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-243-88.eu-west-1.compute.amazonaws.com Software / Resource Hash 9bc9e896143964094e42739a1cdf92bfda7f528f2ee7d7adb320d5abc22bcf21 Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Thu, 11 Jul 2024 15:38:45 GMT content-length 56 access-control-max-age 86400 content-type application/json
GET H3	200	favicon.png winads.eraofecom.org/images/	3 KB 4 KB	48ms 47ms	Other image/png	2606:4700:3031::6815:2bfa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/images/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2bfa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa63dc40ce415c54defe8ef7e8b70a7ed91550e68d5834f2729b4b301776747d Request headers Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 15:38:44 GMT cf-cache-status MISS last-modified Tue, 09 Feb 2021 10:26:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "cc9-5bae4b9fce015" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wpzpjorQ1e1eM2xg2AwYxhbzTSGIF9lpcnO1%2BBN0jhUWbl1UNOUrg4kRnjfYxPVafcmWE9HFdhCkFySrARhE6nQArOBFI%2FOw3cTsiX5yznIfNU2j0T8HRITW8vLHdn5bscP9eV3qE2TfOv3oIxNcAKQ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a19e1dbaa2839fc-YYZ alt-svc h3=":443"; ma=86400 content-length 3273

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| tracking string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| hj object| _hjSettings function| Tracker object| urlParams function| yooo object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.eraofecom.org/	1970-01-21 07:34:32	Name: _ga Value: GA1.2.1720446132.1720712323
			.eraofecom.org/	1970-01-20 21:59:58	Name: _gid Value: GA1.2.1894339488.1720712323
			.eraofecom.org/	1970-01-20 21:58:32	Name: _gat Value: 1
			.eraofecom.org/	1970-01-21 00:08:08	Name: _fbp Value: fb.1.1720712323520.127496494939818373
			.eraofecom.org/	1970-01-21 06:44:08	Name: _hjSessionUser_1647270 Value: eyJpZCI6ImFlY2Q5NmJkLWMyODUtNWI2OC1hYzIxLTk4MTBlOTczODhhZiIsImNyZWF0ZWQiOjE3MjA3MTIzMjQzMjYsImV4aXN0aW5nIjp0cnVlfQ==
			.eraofecom.org/	1970-01-20 21:58:34	Name: _hjSession_1647270 Value: eyJpZCI6ImVlYmM0YjJmLWVlY2UtNDVkYS1hZWIwLTFmZTM0NzE1ODMzMCIsImMiOjE3MjA3MTIzMjQzMjcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://winads.eraofecom.org/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.hotjar.com
winads.eraofecom.org
www.facebook.com
www.google-analytics.com
18.160.41.112
2606:4700:3031::6815:2bfa
2607:f8b0:4004:c07::71
2607:f8b0:400d:c0d::5e
2607:f8b0:400d:c0e::5f
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
52.208.243.88
99.84.191.81
019d5a758ef0ec4f5e82371fb8344d654b8a099da49d9deaed013fa824d18d5f
01aa9690b4812e3948f0378c8f6085d2102c8cf5d1aba7ce8939fbed16e0e034
06ce24ee44c2013804799b6d895751b845bd969ddd53f5b3384c59741567ae84
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23f59a1062708b80e63dfc8d8ac52fa5987eacd312f61ffe02d279699a5bc879
3ebe0a2693e7fa369a7c3533505cc9f6941ed56739d4f0945c8f3c38ee2cf9df
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
6338966d4d001672199b791b3255ae315202bcd91e1f97112e38ffa61f36e099
77c62a43bc01e4a073c0324bfb5bd1a2d5d45fa6cfe409bb2ff9ac10f44eb317
8838619a3e9a8a87b8636f8d91ddb682fafb12ca5aa630804ae83f9f7451e773
9a61cf45a430e0e49e28f22b88b6d7fe99febd6dd4e2516d8269c8e5fa3f14d2
9bc9e896143964094e42739a1cdf92bfda7f528f2ee7d7adb320d5abc22bcf21
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad6a73a3f0fe90a7490cf059ca49d0600e4db67d3124cc24d30f8cc4d51716c6
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
ddd049d8856fca1bc077d2a36e89af0d9e989fda9c2a8a34117cf0dc5ae41351
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa63dc40ce415c54defe8ef7e8b70a7ed91550e68d5834f2729b4b301776747d