secured.kraftgun.com Open in urlscan Pro
18.196.95.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/2ZlSsg9#PPK36_C87AM_J5JIS
Effective URL:
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f...
Submission: On February 19 via api (February 19th 2021, 10:31:57 pm UTC) from BE

Summary HTTP 108 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 34 domains to perform 108 HTTP transactions. The main IP is 18.196.95.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is secured.kraftgun.com.
TLS certificate: Issued by R3 on January 5th 2021. Valid for: 3 months.

This is the only time secured.kraftgun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	103.253.27.81 103.253.27.81	63930 (READYSERV...) (READYSERVER-SG READY SERVER PTE LTD)
1	167.114.223.193 167.114.223.193	16276 (OVH) (OVH)
1 1	34.102.170.20 34.102.170.20	15169 (GOOGLE) (GOOGLE)
1	18.196.95.178 18.196.95.178	16509 (AMAZON-02) (AMAZON-02)
3	13.226.159.37 13.226.159.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:212... 2600:9000:2127:ca00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700:20:... 2606:4700:20::681a:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	2600:9000:218... 2600:9000:2182:2200:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.107.168.177 34.107.168.177	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100::687e:2471	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	13.226.159.89 13.226.159.89	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.226.159.129 13.226.159.129	16509 (AMAZON-02) (AMAZON-02)
3	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	3.227.227.165 3.227.227.165	14618 (AMAZON-AES) (AMAZON-AES)
1	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a04:4e42:600... 2a04:4e42:600::626	54113 (FASTLY) (FASTLY)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
17	13.226.156.219 13.226.156.219	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	35.173.63.32 35.173.63.32	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b110:b216:4622:d058:b1a9	14618 (AMAZON-AES) (AMAZON-AES)
1	3.88.95.40 3.88.95.40	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:66b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
108	38

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.253.27.81 (Singapore) 1 redirects

ASN63930 (READYSERVER-SG READY SERVER PTE LTD, SG)
PTR: gricinomis.com

gricinomis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.114.223.193 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: kidscien.club

popularkite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.170.20 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 20.170.102.34.bc.googleusercontent.com

www.vdksda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.95.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com

secured.kraftgun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.159.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-37.dus51.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

92ab5d6997844ed5b484a962b8c15274.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:ca00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:76b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2182:2200:1:a3fa:7cc0:93a1 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.168.177 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 177.168.107.34.bc.googleusercontent.com

www.ghj65trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::687e:2471 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-89.dus51.r.cloudfront.net

cdn.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-129.dus51.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.227.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-227-165.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.84.54.237 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

track.rev-stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 13.226.156.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-219.dus51.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.63.32 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-63-32.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:b216:4622:d058:b1a9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.88.95.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-95-40.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:66b (United States)

ASN13335 (CLOUDFLARENET, US)

storage.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsa39.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	184 KB
10	gstatic.com fonts.gstatic.com	159 KB
8	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to vsa39.tawk.to	118 KB
8	jwplayer.com 4 redirects cdn.jwplayer.com	77 KB
5	elfsight.com 1 redirects apps.elfsight.com static.elfsight.com storage.elfsight.com	124 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	28 KB
4	jwpsrv.com assets-jpcust.jwpsrv.com	107 KB
4	jwpcdn.com ssl.p.jwpcdn.com	203 KB
4	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
4	googletagmanager.com www.googletagmanager.com	159 KB
3	jsdelivr.net cdn.jsdelivr.net	54 KB
3	google.de www.google.de	792 B
3	google.com 1 redirects www.google.com	1 KB
3	facebook.com www.facebook.com	725 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net	5 KB
3	quora.com a.quora.com q.quora.com	15 KB
3	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com	11 KB
3	unbounce.com builder-assets.unbounce.com	39 KB
2	jwpltx.com prd.jwpltx.com	108 B
2	googleadservices.com www.googleadservices.com	15 KB
2	bing.com bat.bing.com	9 KB
2	yimg.com s.yimg.com	7 KB
2	facebook.net connect.facebook.net	94 KB
2	ghj65trk.com www.ghj65trk.com	15 KB
2	ubembed.com 92ab5d6997844ed5b484a962b8c15274.js.ubembed.com assets.ubembed.com	48 KB
1	ub-analytics.com events.ub-analytics.com	245 B
1	rev-stripe.com track.rev-stripe.com	281 B
1	powerinboxedge.com cdn.powerinboxedge.com	1 KB
1	taboola.com cdn.taboola.com	22 KB
1	kraftgun.com secured.kraftgun.com	27 KB
1	vdksda.com 1 redirects www.vdksda.com	460 B
1	popularkite.com popularkite.com	443 B
1	gricinomis.com 1 redirects gricinomis.com	480 B
1	bit.ly 1 redirects bit.ly	217 B
108	34

	Domain	Requested by
17	d9hhrg4mnvzow.cloudfront.net	secured.kraftgun.com
10	fonts.gstatic.com	fonts.googleapis.com
8	cdn.jwplayer.com	4 redirects secured.kraftgun.com cdn.jwplayer.com
4	assets-jpcust.jwpsrv.com	secured.kraftgun.com
4	fonts.googleapis.com	builder-assets.unbounce.com static-v.tawk.to
4	ssl.p.jwpcdn.com	cdn.jwplayer.com
4	www.googletagmanager.com	secured.kraftgun.com www.googletagmanager.com
3	vsa39.tawk.to	static-v.tawk.to
3	cdn.jsdelivr.net	static-v.tawk.to
3	va.tawk.to	static-v.tawk.to
3	www.google.de	secured.kraftgun.com
3	www.google.com	1 redirects secured.kraftgun.com
3	www.facebook.com	secured.kraftgun.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	tr.outbrain.com	amplify.outbrain.com secured.kraftgun.com
3	builder-assets.unbounce.com	secured.kraftgun.com
2	prd.jwpltx.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	q.quora.com	secured.kraftgun.com
2	bat.bing.com	secured.kraftgun.com
2	s.yimg.com	secured.kraftgun.com s.yimg.com
2	connect.facebook.net	secured.kraftgun.com connect.facebook.net
2	www.ghj65trk.com	secured.kraftgun.com www.ghj65trk.com
2	static.elfsight.com	secured.kraftgun.com apps.elfsight.com
2	apps.elfsight.com	1 redirects apps.elfsight.com
2	d34qb8suadcc4g.cloudfront.net	secured.kraftgun.com d34qb8suadcc4g.cloudfront.net
1	static-v.tawk.to	embed.tawk.to
1	storage.elfsight.com	static.elfsight.com
1	rp4.liadm.com	secured.kraftgun.com
1	rp.liadm.com	1 redirects
1	events.ub-analytics.com	secured.kraftgun.com
1	embed.tawk.to	secured.kraftgun.com
1	track.rev-stripe.com	secured.kraftgun.com
1	assets.ubembed.com	92ab5d6997844ed5b484a962b8c15274.js.ubembed.com
1	amplify.outbrain.com	secured.kraftgun.com
1	cdn.powerinboxedge.com	secured.kraftgun.com
1	cdn.taboola.com	secured.kraftgun.com
1	a.quora.com	secured.kraftgun.com
1	b-code.liadm.com	secured.kraftgun.com
1	92ab5d6997844ed5b484a962b8c15274.js.ubembed.com	secured.kraftgun.com
1	ajax.googleapis.com	secured.kraftgun.com
1	secured.kraftgun.com	popularkite.com
1	www.vdksda.com	1 redirects
1	popularkite.com
1	gricinomis.com	1 redirects
1	bit.ly	1 redirects
108	46

This site contains links to these domains. Also see Links.

Domain
apps.elfsight.com
elfsight.com

Subject Issuer	Validity	Valid
popularkite.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-13` - `2022-01-13`	a year	crt.sh
secured.kraftgun.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.unbounce.com Amazon	`2020-04-08` - `2021-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
z.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-02` - `2021-04-23`	8 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
ghj65trk.com Go Daddy Secure Certificate Authority - G2	`2020-12-03` - `2021-10-04`	10 months	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
quora.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
cdn.powerinboxedge.com Amazon	`2020-06-17` - `2021-07-17`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-01-14` - `2021-03-02`	2 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
assets.ubembed.com Amazon	`2020-04-04` - `2021-05-04`	a year	crt.sh
*.quora.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
track.rev-stripe.com R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
jwplayer.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-24` - `2021-04-25`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.ub-analytics.com Amazon	`2020-06-08` - `2021-07-08`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.liadm.com Amazon	`2020-03-31` - `2021-04-30`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Frame ID: 82A9C27D338AE20D2FC50D5F132F849E
Requests: 103 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: A1AC73D5A95B31459CD875D6BC9D0E0E
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 17828770DEFD41B82A8E5A7779D41931
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: FAD1C1EE549D3FB96E2E7DEDFEA1E5D2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/2ZlSsg9 HTTP 301
http://gricinomis.com/ertt.html?od=1symshort602bfb038ebcf_vl_Active11vl_we4.gl2gM.Yzzzyr124cjxxm11... HTTP 302
https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1... Page URL
https://www.vdksda.com/2L4JQSH/DTSHN3J/?sub2=690369&sub3=1123207856 HTTP 302
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5... Page URL

Page Statistics

108
Requests

99 %
HTTPS

51 %
IPv6

34
Domains

46
Subdomains

38
IPs

5
Countries

1522 kB
Transfer

4414 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.elfsight.com/panel/applications/facebook-feed/?utm_source=websites&utm_medium=clients&utm_content=facebook-feed&utm_term=secured.kraftgun.com&utm_campaign=deactivated-widget&show_pricing=true
Title: Widget is deactivated. Please, visit Elfsight Apps.

Search URL Search Domain Scan URL

URL: https://elfsight.com/facebook-reviews-widget/?utm_source=websites&utm_medium=clients&utm_content=facebook-reviews&utm_term=secured.kraftgun.com&utm_campaign=free-widget
Title: Free Facebook Reviews widget

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/2ZlSsg9 HTTP 301
http://gricinomis.com/ertt.html?od=1symshort602bfb038ebcf_vl_Active11vl_we4.gl2gM.Yzzzyr124cjxxm111_x11166.gd3o4d3d3d3gxanZxNnFo0a1MfO HTTP 302
https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0 Page URL
https://www.vdksda.com/2L4JQSH/DTSHN3J/?sub2=690369&sub3=1123207856 HTTP 302
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/2ZlSsg9 HTTP 301
http://gricinomis.com/ertt.html?od=1symshort602bfb038ebcf_vl_Active11vl_we4.gl2gM.Yzzzyr124cjxxm111_x11166.gd3o4d3d3d3gxanZxNnFo0a1MfO HTTP 302
https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0

Request Chain 8

https://apps.elfsight.com/p/platform.js HTTP 301
https://static.elfsight.com/platform/platform.js

Request Chain 76

https://rp.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&duid=b915b628ebc1--01eyy6q30s0pmaq6twrhhwag0a&se=e30&dtstmp=1613773901006 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&duid=b915b628ebc1--01eyy6q30s0pmaq6twrhhwag0a&se=e30&dtstmp=1613773901006&i6=MmEwMTo0Zjg6MTIxOjEzMWE6OjI%3D&n3pc=true

Request Chain 84

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TDwwYJyAPZCIlgS7-r7ADw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TDwwYJyAPZCIlgS7-r7ADw&cid=CAQSKQCNIrLMmfsguA39xzq6y1Pn4zasvwtoFYlKVyjasM0OpF3HuUlsGCqt&random=3015948198&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TDwwYJyAPZCIlgS7-r7ADw&cid=CAQSKQCNIrLMmfsguA39xzq6y1Pn4zasvwtoFYlKVyjasM0OpF3HuUlsGCqt&random=3015948198&resp=GooglemKTybQhCsO&ipr=y

Request Chain 85

https://cdn.jwplayer.com/strips/DQ2Yjd5J-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt

Request Chain 87

https://cdn.jwplayer.com/strips/PSSJZVRO-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt

Request Chain 88

https://cdn.jwplayer.com/v2/media/DQ2Yjd5J/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg

Request Chain 89

https://cdn.jwplayer.com/v2/media/PSSJZVRO/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0 Show response
popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/
Redirect Chain

https://bit.ly/2ZlSsg9
http://gricinomis.com/ertt.html?od=1symshort602bfb038ebcf_vl_Active11vl_we4.gl2gM.Yzzzyr124cjxxm111_x11166.gd3o4d3d3d3gxanZxNnFo0a1MfO
https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy...

130 B
443 B

1151ms
474ms

Document
text/html

167.114.223.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.114.223.193 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: kidscien.club
Software: Apache /
Resource Hash: 59627f3e033ac9accd50430910b344872727c1bb8c50b86f24cb31831e2232bf

Request headers

Host: popularkite.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 22:31:39 GMT
Server: Apache
Set-Cookie: uid25439=1123207856-20210219173140-031aa11e8f1667ce2942ce0ddf370b84-; domain=; expires=Sun, 21-Mar-2021 22:31:40 GMT; path=/; SameSite=None; Secure
Content-Length: 130
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 19 Feb 2021 22:31:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe|M21unJj=|gd3o4|wwwwx|1jvq6qh|43978|zzzyr124cj|Y|M21unJj=|PC|1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request / Show response
secured.kraftgun.com/special-offer/
Redirect Chain

https://www.vdksda.com/2L4JQSH/DTSHN3J/?sub2=690369&sub3=1123207856
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com

224 KB
27 KB

66ms
23ms

Document
text/html

18.196.95.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Requested by: Host: popularkite.com
URL: https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 805ecfd7d133a29af3e4aa9860423382673a4f7986e8c0ff7574eeeab3976fa9

Request headers

Host: secured.kraftgun.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://popularkite.com/1763ffaef58a8591800/2021_we602bfb038e982/ymwe%7CM21unJj=%7Cgd3o4%7Cwwwwx%7C1jvq6qh%7C43978%7Czzzyr124cj%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0#PPK36_C87AM_J5JIS

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: 9177cfcd-7d13-4f97-ad68-ae2e0b0577a9
etag: e33c83d5b773633086fbea72ebd47adb
content-location: https://secured.kraftgun.com/special-offer/
x-unbounce-visitorid: 89.249.64.1711614725652806561
last-modified: Mon, 15 Feb 2021 15:40:17 GMT
x-unbounce-variant: dp
link: <https://secured.kraftgun.com/special-offer/>; rel="canonical"
set-cookie: ubpv=dp%2C9177cfcd-7d13-4f97-ad68-ae2e0b0577a9; Max-Age=15897600; Expires=Sun, 22 Aug 2021 22:31:40 GMT; Path=/special-offer/; SameSite=Lax ubrs=weighted; Path=/special-offer/; SameSite=Lax ubvs=89.249.64.1711614725652806561; Max-Age=15552000; Expires=Wed, 18 Aug 2021 22:31:40 GMT; Path=/; SameSite=Lax ubvt=89.249.64.1711614725652806561; Max-Age=259200; Expires=Mon, 22 Feb 2021 22:31:40 GMT; Path=/; Domain=kraftgun.com; SameSite=Lax
content-encoding: gzip
x-proxy-backend: page-server
connection: close

Redirect headers

server: nginx
date: Fri, 19 Feb 2021 22:31:40 GMT
content-type: text/html; charset=utf-8
content-length: 222
location: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
set-cookie: uniqueClick_DTSHN3J=378504f8-3ce9-492d-a0d5-b9772b1e0d89:1613773900; Path=/; Expires=Fri, 26 Feb 2021 22:31:40 GMT; Secure; SameSite=None transaction_id=f7172b32836e48aab5f55fe6d9092898; Path=/; Expires=Thu, 20 May 2021 22:31:40 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 5d34e487-dbd8-4e89-8958-9975086a781a
via: 1.1 google
alt-svc: clear

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 67ms
25ms Stylesheet
text/css 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:12:18 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 00:04:15 GMT
server: AmazonS3
age: 1286363
etag: "387bd017c5b4c65e427e652174ec93b6"
x-cache: Hit from cloudfront
x-amz-version-id: g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: ophxOHVaDYXoml4Okx8HPx4G-CqKvMHt0Akd01cvOpUGUHGRCzCwLw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
24 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46391
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 09:38:29 GMT

GET
H2 200 jquery-shims.bundle-0983003.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 67ms
25ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 01:09:52 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 00:04:10 GMT
server: AmazonS3
age: 249709
etag: "3b66d56998a2783e24247b98afc91699"
x-cache: Hit from cloudfront
x-amz-version-id: ry9zpTwX4fPowGAj2.vjMkgU6xjmzh2o
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1993
x-amz-cf-id: QjFbV9cYi0f15jsa19pvfGnT2f6aB-TQI3yFLazmnuQRpKDIWcZgqw==

GET
H2 200 / Show response
92ab5d6997844ed5b484a962b8c15274.js.ubembed.com/ 5 KB
2 KB 53ms
9ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://92ab5d6997844ed5b484a962b8c15274.js.ubembed.com/
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 480c94856db67d2688e950a7136a771a29649a8f1bd609d5d5a58deb545c4b08

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 1542
etag: 2546a44a9164cc67a6c7018f5cf4c5bc-v0.179.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: none
x-amz-apigw-id: bA1rDEZRjoEFjXA=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 49ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-996215059

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d7dfce86212c9f55721793e9d90538039a9850a1e0179a89b28e2f11b02152d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39247
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 22:31:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 59ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-580489503

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9f3a9510b5367a09a2f85a8aeca7086409a2ef900c5d980e50e7b3947b1acec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39251
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 22:31:40 GMT

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 54ms
13ms Script
application/javascript 2600:9000:2127:ca00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ca00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 07:27:16 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 18:45:36 GMT
server: AmazonS3
age: 7657465
etag: "91086183e2039359e4bf5622dfb57722"
x-cache: Hit from cloudfront
x-amz-version-id: D6xyQ1UlRnHjPycouA5Yb4DYOQiJWBkd
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1992
x-amz-cf-id: q38MVoRLdCUnSsbBlsZ7rFV2v2KCaRixcitYe9ZlArWChvQb3ucppw==

GET
H2

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js
https://static.elfsight.com/platform/platform.js

46 KB
15 KB

23ms
14ms

Script
application/javascript

2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3ace30022de6ae6591a86be77735d65535d81f2f09a7e6b5da4d6561a2e245

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 537
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx00000000000001e228937-00602e23bc-5eedeb1-sfo2a
cf-request-id: 085e04a32600002c2e52a4b000000001
last-modified: Wed, 17 Feb 2021 07:50:42 GMT
server: cloudflare
cache-control: max-age=3600
etag: W/"2e9df63aa73ffdbfe30200874bd9a2a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UNxOPZbtn2BD4HZEkXsPh5Pc0XkTtVJzdr9ZnRi6D49F3%2FTR2IDVZt13%2FgE0cnD4rnjBTyfcX9Mdwg8c5fUEtL8XrenEBTRZDlpC96VQ%2FVSthKhMi3cKN5tBqIiewpDc"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 6243707eaf582c2e-FRA

Redirect headers

date: Fri, 19 Feb 2021 22:31:40 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e6KORN34Blc0aw9WBQU2tMoJSx7n3HW5c392%2B8p1N0dgYG1xAs%2FNYkb%2B%2BCNxkmfXv1sfsKR2y7%2BGUG%2Fmmehswfe6RK9dGar86n594it33Y%2BUx5jegIDI6PeeEGaG8Q%3D%3D"}],"group":"cf-nel"}
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 6243707e2eb62c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04a2d800002c2eed84b000000001
expires: Fri, 19 Feb 2021 23:31:40 GMT

GET
H2 200 PSSJZVRO-vG2mJbcu.js Show response
cdn.jwplayer.com/players/ 113 KB
37 KB 219ms
190ms Script
text/javascript 2600:9000:2182:2200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 847b27981dd4481fb07cb2b37f1b8f97e9eaaf8aac1d03056c848aaaf7fe8a26

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
content-length: 37559
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-id: HIpahjP7FnjTNQtxGLi6Xeol5iqRI19Ro4eTlxZT_E4sbGWvhXUocQ==
expires: Fri, 19 Feb 2021 22:34:10 GMT

GET
H2 200 DQ2Yjd5J-NZo33V7a.js Show response
cdn.jwplayer.com/players/ 113 KB
37 KB 232ms
204ms Script
text/javascript 2600:9000:2182:2200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/players/DQ2Yjd5J-NZo33V7a.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 8c7130370033d153a95ab055b0d43797fd69e80dd1473e2d6317f36e4740a722

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
content-length: 37555
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-id: bn5O_XeFOXX1eWyJPnPqh5nWzUA1kebbSfBQeNh8coo-m59PvbheuQ==
expires: Fri, 19 Feb 2021 22:34:10 GMT

GET
H2 200 everflow.js Show response
www.ghj65trk.com/scripts/sdk/ 44 KB
14 KB 188ms
110ms Script
text/javascript 34.107.168.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghj65trk.com/scripts/sdk/everflow.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.168.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a35b42068a61c55a20f5c9b684d040105ccfbac546a5459d47852159e00f0ab

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
x-eflow-request-id: 9a74d126-cc8b-4c98-8af1-039b171cb9a8
alt-svc: clear

GET
H2 200 main.bundle-5c6e41c.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 18ms
15ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 02:16:21 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 00:04:10 GMT
server: AmazonS3
age: 2492120
etag: "bb50eefe0cf9244bc17fe34bb55821bb"
x-cache: Hit from cloudfront
x-amz-version-id: ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 33645
x-amz-cf-id: tobY-sOl6pt0R9XV0n2qyeLRfnlaMjlPgmEsOaOSH7DSUmCYCbQKmQ==

GET
H2 200 a-04g1.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 32ms
13ms Script
application/javascript 2a02:26f0:7100::687e:2471
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-04g1.min.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:2471 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 671d10f7c57123625a336067f3b4de6933b918cb54bc53b8f19c07c4d3fec119

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:47:04 GMT
etag: "3e1dcddb94914b4fee5fb11a0269a2bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2086
accept-ranges: bytes
content-length: 9833

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: 2SbVn6TeGCKCLzesCyUcPVQO8Uaj9Xf/VbeiyZVNNua8nRJHsO0P5zdsbQg6s2hsJPT0YAzLgJaOSL24prBr3w==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 19 Feb 2021 22:31:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 33ms
8ms Script
text/plain 151.101.113.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 7034
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: 94JeRsAql5wKjFeS3J2P/dtefGDSGaKfBTRuQAAOXFh33iSqLHa8S/jky3eOQQ/UkWcjJoudYQ8=
x-served-by: cache-bwi5146-BWI, cache-hhn4080-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1613773901.505838,VS0,VE0
date: Fri, 19 Feb 2021 22:31:40 GMT
vary: Accept-Encoding
x-amz-request-id: E9991AFD9A0915EF
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 2, 1735

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1218832/ 64 KB
22 KB 137ms
111ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1218832/tfa.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 562c176f75228c71c53f4634f48c5b1a486710c1fd527d87346032b7b0b31ec0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: J7_aqlL13J6U8aFokPSeH7yQz42P8cs8
content-encoding: gzip
etag: "3cde8307db2bdd60a25f2dc3b02d6a9f"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21902
x-amz-id-2: xHoK23qc9tMahyfeBygZ2EvCSnePrjSbykuJFrmox9KZURzpDf/g8452LYAoh1+JptMeXEWrE8k=
x-served-by: cache-hhn11539-HHN
last-modified: Mon, 15 Feb 2021 20:56:38 GMT
server: AmazonS3
x-timer: S1613773901.508921,VS0,VE104
date: Fri, 19 Feb 2021 22:31:40 GMT
vary: Accept-Encoding
x-amz-request-id: 45051D23C72CDD21
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 68
x-cache-hits: 1

GET
H2 200 pi-notify.js Show response
cdn.powerinboxedge.com/framework/ 690 B
1 KB 73ms
14ms Script
application/javascript 13.226.159.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.powerinboxedge.com/framework/pi-notify.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-89.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed5969737902a6ab2815c64df0d19336fe38d3ed2e020e481fd3c90bc97dd520

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 0SZAKAkqoVR4qIcDsMcVeBU8Pq855goE
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
last-modified: Fri, 28 Feb 2020 19:56:54 GMT
server: AmazonS3
age: 37801
etag: "3e005973746aab66674e6f3460b1c781"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 19 Feb 2021 12:01:40 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 690
x-amz-cf-id: YpB-uUAGtROfAXmDxriF3MbQ76tabcKc7votwG7Ow2W_shJLqDyOiQ==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 20ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 19 Feb 2021 22:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 790
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: 3JHB+z3+QAmZjY2uwSH/5Kpp3vymf5cvf/5L/GGlWrlINNMeo+WtLSacEE8ukLyv47tRd3JPvys=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 89C2CFCC112B26ED
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 26ms
7ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 22:31:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 14:42:51 GMT
Server: AkamaiNetStorage
ETag: "c43e7f1b0459d05cce32768dd16af59b:1611585771.492103"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2864
Expires: Fri, 19 Feb 2021 22:51:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 46ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 20:48:20 GMT
x-msedge-ref: Ref A: AB9A01FA1EE44708A0B1207C6610ECE5 Ref B: FRAEDGE1521 Ref C: 2021-02-19T22:31:40Z
etag: "042b8e76dfad61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 10093044.json Show response
s.yimg.com/wi/config/ 2 B
458 B 20ms
8ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10093044.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:19:46 GMT
x-content-type-options: nosniff
age: 714
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: E601FE5B4AB0BBE6
x-amz-id-2: YSop2yTcusK9tZOHh9awLZM2uKpUnAJko/wu9tCEiXEqu+hM1cK8WK1hJq3UhN4k+EKZGLszn7U=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.0/ 162 KB
46 KB 46ms
15ms Script
application/javascript 13.226.159.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.0/bundle.js
Requested by: Host: 92ab5d6997844ed5b484a962b8c15274.js.ubembed.com
URL: https://92ab5d6997844ed5b484a962b8c15274.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-129.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 03:34:38 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 18:50:36 GMT
server: AmazonS3
age: 1364223
etag: W/"5989757bd8ad29a05f48a0b643993aae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: hCaeUspPW-FCoS3ekGV9Sf7_PBf34ntmLBwercAM74chtio-9nXH-g==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 15ms
14ms Script
application/javascript 2600:9000:2127:ca00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ca00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 03:43:58 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 1450063
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: XFHlZvzX-21pvAjoNcx0Y--BuWdM3DwMoj14Og5oQlzQbAgj5H6Dnw==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 351ms
88ms Script
application/javascript 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00b6640ba49ae3ec9e80120704a43048c1
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
X-TraceId: 8e0f660957bafb9fea8eb4d0b1e20ff9
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
255 B 352ms
88ms Image
image/gif 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b6640ba49ae3ec9e80120704a43048c1&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&optOut=false&bust=048786667372301973
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 22:31:41 GMT
Cache-Control: no-cache
X-TraceId: b3ca4d6c29ff730bad6416fe450ac3a
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 378ms
93ms Image
image/gif 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b6640ba49ae3ec9e80120704a43048c1&obApiVersion=1.1&obtpVersion=1.4.1&name=Add-to-cart&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&optOut=false&bust=05389633327830394
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 22:31:41 GMT
Cache-Control: no-cache
X-TraceId: c6ed888fe42dbdc911a16c8cd12107e4
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/359c5f08b9924164b65dde426918fdb8/ 43 B
421 B 403ms
100ms Image
image/gif 3.227.227.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/359c5f08b9924164b65dde426918fdb8/pixel?j=1&u=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&tag=ViewContent&ts=1613773900725

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.227.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-227-165.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 22:31:41 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,bce5a5a25060ec2afa1bce3de0dfee23,10.0.0.132,37870,89.249.64.171,,68669241602,1,1613773901.079,0.003,,.,0,0,0.000,0.004,-,0,0,197,105,52,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/359c5f08b9924164b65dde426918fdb8/ 43 B
421 B 415ms
103ms Image
image/gif 3.227.227.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.227.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-227-165.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 22:31:41 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,34d70e9bfe471dc4b6a80b43b585feb5,10.0.0.132,37834,89.249.64.171,,68669241456,1,1613773901.091,0.002,,.,0,0,0.000,0.004,-,0,0,197,113,56,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 notify
track.rev-stripe.com/postback/ 43 B
281 B 402ms
131ms Image
image/gif 13.84.54.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.rev-stripe.com/postback/notify?pi_href=https%3A//secured.kraftgun.com/special-offer/%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&companyid=2518
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.84.54.237 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
x-aspnetmvc-version: 5.2, 5.2
server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET, ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private, private
content-length: 43
request-context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H2 200 444674280268662 Show response
connect.facebook.net/signals/config/ 240 KB
70 KB 93ms
93ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/444674280268662?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

676139110081858300e270e344848783134bb86a4957d009dbb35728076ca51e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Z0ZQ0C/x7eHmK7+sj+LG4TJgMujyUPJN0gpZK4ch1lKD9Wb4GMNssfh7ZKgOueeXoaOtuwYjUvggIfS8d/EFLg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Feb 2021 22:31:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 679918182
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 57 KB
17 KB 63ms
27ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
age: 667
x-cache: HIT
content-length: 17360
via: 1.1 varnish
x-served-by: cache-fra19128-FRA
last-modified: Mon, 08 Feb 2021 19:59:45 GMT
server: AmazonS3
x-timer: S1613773901.806144,VS0,VE0
etag: "9babdf430d4678f3029506d58b1f0c17"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 800

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 298 KB
77 KB 48ms
13ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
age: 2752154
x-cache: HIT
content-length: 78129
via: 1.1 varnish
x-served-by: cache-fra19128-FRA
last-modified: Fri, 15 Jan 2021 21:39:06 GMT
server: AmazonS3
x-timer: S1613773901.806106,VS0,VE0
etag: "bce8a935003a2164805362d8ad7026a6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 676957

GET
H2 200 PSSJZVRO Show response
cdn.jwplayer.com/v2/media/ 2 KB
943 B 177ms
158ms XHR
application/json 2600:9000:2182:2200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/media/PSSJZVRO?recommendations_playlist_id=hdCZ6xMG
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: a168a45678f7bce828e1a68b728db75794e0f57aefd292d1957606dd4e657105

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, max-stale=180
content-length: 592
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-id: vQjwbDQgfG6mNbG0pFZb3M_WXZzCELdF7XYvIG0u3hINO2rF7Kgr-g==
expires: Fri, 19 Feb 2021 22:51:40

GET
H2 200 DQ2Yjd5J Show response
cdn.jwplayer.com/v2/media/ 2 KB
926 B 172ms
155ms XHR
application/json 2600:9000:2182:2200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/media/DQ2Yjd5J?recommendations_playlist_id=hdCZ6xMG
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: efa4dd86e7978014e1a3eacdee1f5dea2bd05033f7cfd1af6928dd0c7bd6111b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, max-stale=180
content-length: 575
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-id: w1VRCXTyIBwE7SK7hhyk03g_5Kbd4BmYQYKNsaJdBvxtIAUym1vs-w==
expires: Fri, 19 Feb 2021 22:51:40

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 42ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-996215059&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580489503

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

559d4a17c7aaab7f11e1186166237f5b9416a5fa7ffd0683dd69eaf890b95ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39272
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 22:31:40 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 31 KB
13 KB 43ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-996215059

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12360
x-xss-protection: 0
server: cafe
etag: 195370021859676167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 22:31:40 GMT

GET
H2 200 cc1c1686-bg-06_1000000000000000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 53 KB
54 KB 58ms
26ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/cc1c1686-bg-06_1000000000000000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02b3bb1f88fed173c3534d0da79d5059ca521dc7dd198966c93ecb0d05899d9d

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 620591
etag: "63d2efbffae48a066a4c70bcb51edc56"
x-cache: Hit from cloudfront
x-amz-version-id: kmWV2VKQawGp0x9NKuWlldxqiP_q4xdR
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 54578
x-amz-cf-id: NVJT6SjZ6s_YbeUwXORRO64t78UWz56JiGKEMQ8ydph3P8_kJox6bw==

GET
H2 200 default Show response
embed.tawk.to/5cd1205ed07d7e0c63924148/ 11 KB
4 KB 44ms
26ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5cd1205ed07d7e0c63924148/default

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6cb35768200fed66c189f15b5d753304edfc6c815f418b06c975a501c428ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://secured.kraftgun.com
Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04a4240000c29545b7f000000001
server: cloudflare
etag: W/"stable-v3-709-en"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=3600
cf-ray: 624370803d5ec295-FRA

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
43 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W24J9CP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

234d0122e66c0d10aab31476a37034d125a2d02fd32aed890c40b1c4b1245809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43809
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 22:31:40 GMT

GET
H2 204 0
bat.bing.com/action/ 0
147 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25073442&Ver=2&mid=5e042a97-4293-4dc5-879a-ce152f4c3d98&sid=3c8e5430730211eb930b278ab8e3f2c1&vid=3c8e91e0730211eb86369371d0bffbd0&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&kw=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&p=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&r=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&lt=638&evt=pageLoad&msclkid=N&sv=1&rn=190305
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 19 Feb 2021 22:31:40 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 79F44F2583964B82B8BAC80982B142C3 Ref B: FRAEDGE1521 Ref C: 2021-02-19T22:31:40Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 0ca2067b-dc6d-4bdb-afeb-1d36f54d430a
https://secured.kraftgun.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secured.kraftgun.com/0ca2067b-dc6d-4bdb-afeb-1d36f54d430a
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

485684debae59368f4869b98b228c36719ba92fe983e42c66aea2a729c1b6f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 22:31:40 GMT
server: ESF
date: Fri, 19 Feb 2021 22:31:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 22:31:40 GMT

GET
H2 200 / Show response
apps.elfsight.com/p/boot/ 3 KB
2 KB 226ms
226ms XHR
application/json 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.elfsight.com/p/boot/?w=083c159a-cc85-42fc-8afc-298850561176

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64b3c13cbec214d71d5bb65728b45743ff4defc44da055c2d0ce8b3d0aa7e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-max-age: 86400
access-control-allow-methods: GET
strict-transport-security: max-age=0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04a44100002c2e4ab4d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xnzDbZmQV4bMtv6eykK1thXZtWL8Ey6hw5FcW1ZWIET4XrhKjEknBfed3CoKeJJtNiYK6s%2BLZQqTS9X%2BJTZBu6iEIH42xl4PypHF9jRMv6DzCCDOgxVmJ3NAHZhQSQ%3D%3D"}],"group":"cf-nel"}
content-type: application/json
access-control-allow-origin: https://secured.kraftgun.com
x-xss-protection: 1; mode=block
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6243708069502c2e-FRA
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 316ms
104ms Image
image/gif 35.173.63.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1613773900873&e=pv&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&page=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&refr=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=07966acb-7007-44d0-83e3-cd5d0e9b7fa8&dtm=1613773900871&vp=1600x1200&ds=1600x7108&vid=1&sid=c94cc545-3f8e-4dc2-a735-c861fe2822c8&duid=2d0ca8d3-f8e7-449d-8772-49bb16f48742&uid=89.249.64.1711614725652806561&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiOTE3N2NmY2QtN2QxMy00Zjk3LWFkNjgtYWUyZTBiMDU3N2E5IiwidmFyaWFudElkIjoiZHAiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.63.32 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-63-32.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Feb 2021 22:31:41 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 78eeaf98-whatsapp-image-2020-05-15-at-9-52-22-am_108x05606204800t00h028.jpeg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 8 KB
9 KB 37ms
32ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/78eeaf98-whatsapp-image-2020-05-15-at-9-52-22-am_108x05606204800t00h028.jpeg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1da9819bcabac9e138d1f10c7d1c76f3da09e894f7a140ffb82e15710d877199

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 19:23:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 529665
etag: "57559a16a4bb5671d254f410eea7f3ec"
x-cache: Hit from cloudfront
x-amz-version-id: RGuwavWBuTTnrwiV7vPb5wJRgikqk7Ym
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8427
x-amz-cf-id: UYvCf7D3JhpjsZbfDXiJj1Q2ZS_42upuxCLsbO-_tOItmIf23sZg_A==

GET
H2 200 e8f5f976-heart_100p00p000000000000000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 513 B
904 B 28ms
24ms Image
image/png 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/e8f5f976-heart_100p00p000000000000000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64f7626a65bb8304d55454d4b8049040d0875269980147a3d6f2d5b2f14580fb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 05:50:11 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 578490
etag: "f2e438e10a995e7ed072462717fad78b"
x-cache: Hit from cloudfront
x-amz-version-id: 2O_6PYpBAJ7IN5asoM6k4fpO2EuYVZub
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 513
x-amz-cf-id: F9QvaKCJdFuGA2Bn-nTLh-LR3NRaK-rrbUzIoJDMi_Jg5prnEk81RQ==

GET
H2 200 7697b8da-chat_100p00p000000000000000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 546 B
938 B 24ms
19ms Image
image/png 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/7697b8da-chat_100p00p000000000000000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51a5c52f86e1f5c17f703d83aea85809292aed00d81029344a6dc631c1bb2a26

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 23:12:27 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Mon, 15 Feb 2021 15:40:17 GMT
server: AmazonS3
age: 170354
etag: "9a867481cf8d5f3b6a0b9795de8222d8"
x-cache: Hit from cloudfront
x-amz-version-id: MXbqOoOfYMcx3iH49lgk.yikGWQtWVkV
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 546
x-amz-cf-id: cR9yZRUYc5DV_kQiJ2O8topM2VEJOJa2rF0VkSpgLGg0IJL9gZnp7Q==

GET
H2 200 68c9d2ec-8-photo_106206o062049000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 9 KB
9 KB 39ms
35ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/68c9d2ec-8-photo_106206o062049000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6654e48770de22777ac01873bbf8164bc4650880375aca22245f43d6cabae6ef

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 620591
etag: "231e298c1ef96f5501d9127994076437"
x-cache: Hit from cloudfront
x-amz-version-id: WlLWYuG_jaYE_kQBHC_fpc3Vi5m2auaK
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 9018
x-amz-cf-id: wKtI_zjAsHnPwC7Rb9KI6aRAcHD_T7WAWc1yQ-gE_Spy-uaMXfsk8g==

GET
H2 200 a68fa811-whatsapp-image-2020-05-15-at-9-52-34-am_107904906204900p000028.jpeg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 10 KB
10 KB 27ms
23ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/a68fa811-whatsapp-image-2020-05-15-at-9-52-34-am_107904906204900p000028.jpeg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1dd065c2a10c5c9ab803c37299252f97e4fe7daa78734ad70600ab39e1de3da2

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:00:27 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 1200674
etag: "b4db8c3d5bd1e38ef4d43d0892ec1a49"
x-cache: Hit from cloudfront
x-amz-version-id: lqLBqeyEAolRAuxBaybHVjby3mIDfSRT
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 9828
x-amz-cf-id: 7is4GndwMPjy8YnEN51ojcIWQRQ2uBO1plTRl2ZKhhJWkkNLruwVZw==

GET
H2 200 18eabe1a-82794525-10156438546971601-2810766721810432000-n_1062083062049000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 5 KB
5 KB 26ms
22ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/18eabe1a-82794525-10156438546971601-2810766721810432000-n_1062083062049000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55e05ce33fadaa42b4fea7b79cb849c3bc84329390cfd18fe373a8d2c799143c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 620591
etag: "a981026ec7a833aff68588dd9fd9ca4c"
x-cache: Hit from cloudfront
x-amz-version-id: .bPxMelLIDuX6xWJUbTYs0q544KgmaGY
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4881
x-amz-cf-id: JgHwGdyc_-7nbteCZqLlawntMmkfCZO0hwSTdtvNmYZ9V5IP9yEO4Q==

GET
H2 200 79f347e3-81334184-10101719822224892-1309683262540480512-n_106208306204900001x028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 5 KB
5 KB 25ms
21ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/79f347e3-81334184-10101719822224892-1309683262540480512-n_106208306204900001x028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbb6455cb0bee893bfdad8ce1adb134523cfa2a371430626fd1f5a574db6f5a2

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 620591
etag: "fc79f5065e5d981e72796e5325fcfbff"
x-cache: Hit from cloudfront
x-amz-version-id: 2HSpzAwmB9ZpmPWHIyQWhxygkzfAHaYu
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4760
x-amz-cf-id: pk0obGJTaaA-LANrLIdtWMbjsX2kSWX7QpejVUnuWpf2uWv0DLo3lw==

GET
H2 200 539855ae-7-photo_1062062062049000001028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 6 KB
6 KB 28ms
24ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/539855ae-7-photo_1062062062049000001028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95ae25c936e35ab8dfe9eadaeb5854cf241279f4d7f72a954285e12bb5ee0212

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 19:23:56 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 529665
etag: "10f0e349bced3647b8d84d69fdc4e6e0"
x-cache: Hit from cloudfront
x-amz-version-id: YcgffnHA6xwe4PZNOCopyjBSeR6ANO3h
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 5703
x-amz-cf-id: jMTlmHA4UlJExW6ZtKVE4Sr_dj7-ZTeT8jk-oLy0wWh7TYIU6psBEQ==

GET
H2 200 cfd3697b-5-photo_106207l062049000029028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 6 KB
6 KB 27ms
24ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/cfd3697b-5-photo_106207l062049000029028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1f14612916bca52fcd4e2df47e39fb08b1dab021cf0585f2279e35b2a542ecb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 620591
etag: "53df43f14f194634c178bcc64449dd18"
x-cache: Hit from cloudfront
x-amz-version-id: _nn04mkIB3uVOI0Ddnn0sOGgk5NGuWoT
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 6098
x-amz-cf-id: FM5NMQW0pVpUrQpykPdWFn_CUlfSLJHY_6w19JSSO2YiDvKPwJxxfA==

GET
H2 200 6657ec83-82148792-1052027901806929-1111988031029510144-n_106208306204900001x028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 3 KB
3 KB 26ms
24ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/6657ec83-82148792-1052027901806929-1111988031029510144-n_106208306204900001x028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a28afcf4acdbf76fa66d2e70a5247503b4c4c8513f60fa502c030f188e610401

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:08:26 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 1581795
etag: "b6eb9392184a5c9370cb72ea076de43f"
x-cache: Hit from cloudfront
x-amz-version-id: lZ30pgrEImROvG6YycdJ6E2OIfzWVJAw
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3077
x-amz-cf-id: z0eSG_kL1rIzbBpIjFLURA0GgWlb23zUrtOyv_CUqXdccEjXEz-AFw==

GET
H2 200 7b12d87f-kraft-force.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 706 B
1 KB 27ms
25ms Image
image/png 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/7b12d87f-kraft-force.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89ffbe9e6cde6f9a1887c2132dba300a9f57d3ceb3dcb4042947e0cd8fdf0f9e

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 07:36:54 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 1263287
etag: "34fde48e88b9a3a40fa917d140c7445a"
x-cache: Hit from cloudfront
x-amz-version-id: CYs.A7XUZC7RlXxe4Z9fMwJXM3F_TWH5
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 706
x-amz-cf-id: 8S5VLr4UNR-J0CTo-dswztOCdNBXzq1fNej_eurHK2P_UWJ3mdLDSA==

GET
H2 200 8c5abf44-logo-wellfit_104p01d04p012000005000.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 3 KB
3 KB 28ms
26ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/8c5abf44-logo-wellfit_104p01d04p012000005000.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b21d841d8c418f185506ff91595be0acb8ac14e9ff8c129ba1a0a7138c11184b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 620591
etag: "b6f57d3cda33729e6222ea261081d7cf"
x-cache: Hit from cloudfront
x-amz-version-id: 8XKx0lsPnDNHHNNFlc4YOuNobgg7QX_D
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2738
x-amz-cf-id: MlTSMe6IwjJEtLcyvw5-o3Nyg-fHkAF509AmuaqG5YuiITorS5r92g==

GET
H2 200 083ebb37-mens_104r012000000000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 3 KB
3 KB 28ms
26ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/083ebb37-mens_104r012000000000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 114c86edc7d1cb27c3ffbe36a75538940cec1945a0dcd18886e46ff403ad25b9

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:14:48 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 1322213
etag: "98af8f1d54460375ad4e2a0f259e7583"
x-cache: Hit from cloudfront
x-amz-version-id: _C6BxCSvI3A6ffju7DBJNupb.oZl_Qhm
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3083
x-amz-cf-id: UfaypVGHYAXfVXdaHzKjbrd5RsnWUOAUoGiPSZhTWEr9_do42b-8_A==

GET
H2 200 71ce9ba0-cropped-png-transparent-background-2_107d012000000000000000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 12 KB
12 KB 29ms
27ms Image
image/png 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/71ce9ba0-cropped-png-transparent-background-2_107d012000000000000000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d576307215d8210dc87ef40f71a4c2eb4f283d807179544dce9321ecd2117604

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:14:48 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 1322212
etag: "9c5513775b52583e94e92122b109d450"
x-cache: Hit from cloudfront
x-amz-version-id: gOV1FejjMwdEGf64UBdtzWCwn806rfNj
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 12000
x-amz-cf-id: UoW6NC0FzKZ93sQX6Ft8UKYwGSGg1cC4jClpLK-tySI8mpcL-pDj7A==

GET
H2 200 9d458a67-test1_10c70gb09x0gb015000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 20 KB
20 KB 29ms
28ms Image
image/jpeg 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/9d458a67-test1_10c70gb09x0gb015000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9423e6b6787be5118f00c71c19df2146fa7bc508f34d9e2d40cdff38b016306

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 620591
etag: "85cdd07d935ad179755b9557f25a5352"
x-cache: Hit from cloudfront
x-amz-version-id: fsWNsZtqIGEA7.88tDHRLj.GqQTdJisG
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 19989
x-amz-cf-id: -ddhKPZomE3ivBGTe3bSmVkVbYHUuQ5j-mqA460NcSe0-tpAt-juYQ==

GET
H2 200 c310889d-five-star-reviews-localcoin-on-google_102301f02300i00000f000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 2 KB
3 KB 29ms
28ms Image
image/png 13.226.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/c310889d-five-star-reviews-localcoin-on-google_102301f02300i00000f000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-219.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37db44090775a0db612e85eb879059ea05283db5af38eb665434b55399df8e1b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 09:37:28 GMT
via: 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Mon, 15 Feb 2021 15:40:17 GMT
server: AmazonS3
age: 305653
etag: "be6376923515c326264a35b5b028ac48"
x-cache: Hit from cloudfront
x-amz-version-id: Z33EdXsalo83Q29M9BJodJxC8V69F1xj
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 2295
x-amz-cf-id: 8tECHEqFEI9JwrXRNQ8AeL7ogaP05zKLw9g4917yZeUYwsIfZoMC3Q==

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/assistant/v7/ 20 KB
20 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c57e3e2b22c5bf3cd60a9a7bb27fb9447b5dc632b7f2ae2401e611ba6a635c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 12:56:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:35:30 GMT
server: sffe
age: 120896
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20532
x-xss-protection: 0
expires: Fri, 18 Feb 2022 12:56:44 GMT

GET
H3-Q050 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v19/ 41 KB
42 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:07:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:51:07 GMT
server: sffe
age: 595446
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:07:34 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 65161
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:39 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 59946
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:52:34 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 08:43:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 222500
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 17 Feb 2022 08:43:20 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 134008
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:18:12 GMT

GET
H3-Q050 200 KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:03 GMT
server: sffe
age: 96612
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12688
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:28 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 06:03:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 145701
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Fri, 18 Feb 2022 06:03:19 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 06:30:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 576075
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sun, 13 Feb 2022 06:30:25 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 07:56:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 52486
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sat, 19 Feb 2022 07:56:54 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/996215059/ 3 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996215059/?random=1613773900957&cv=9&fst=1613773900957&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae676cbaa4682fc440d42a3f7f52d8ee7a3ea268df777efe2172f0abf80b4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/ 3 KB
1 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/?random=1613773900961&cv=9&fst=1613773900961&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca18b4566b2617faf5874673737c4f8bc9054b31cb815db233638af08d656fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/580489503/ 2 KB
2 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/580489503/?random=1613773900962&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718979297beb70a013363d25eecad1fd17fd33b7f28105905ec7786337557a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 283 KB
86 KB 25ms
25ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
age: 2692211
x-cache: HIT
content-length: 87594
via: 1.1 varnish
x-served-by: cache-fra19128-FRA
last-modified: Fri, 15 Jan 2021 21:39:09 GMT
server: AmazonS3
x-timer: S1613773901.022649,VS0,VE0
etag: "7ad588058a2b5fbdc9f3b1642b7383fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 527260

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%...
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856...

13 B
569 B

356ms
106ms

XHR
application/json

3.88.95.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&duid=b915b628ebc1--01eyy6q30s0pmaq6twrhhwag0a&se=e30&dtstmp=1613773901006&i6=MmEwMTo0Zjg6MTIxOjEzMWE6OjI%3D&n3pc=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.88.95.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-88-95-40.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
x-pixel-event-id: 39f073b5-61ed-4e78-b7e1-effeb0b3a5a1
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 048c9ee52e4d82b5

Redirect headers

date: Fri, 19 Feb 2021 22:31:41 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&duid=b915b628ebc1--01eyy6q30s0pmaq6twrhhwag0a&se=e30&dtstmp=1613773901006&i6=MmEwMTo0Zjg6MTIxOjEzMWE6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://secured.kraftgun.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 2629ec6ffce3ec32
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444674280268662&ev=PageView&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&rl=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&if=false&ts=1613773901024&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613773901023.945431994&it=1613773900734&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Feb 2021 22:31:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 20ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444674280268662&ev=AddToCart&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&rl=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&if=false&ts=1613773901026&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1613773901023.945431994&it=1613773900734&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Feb 2021 22:31:41 GMT

GET
H2 200 facebook-reviews.js Show response
static.elfsight.com/apps/facebook-reviews/release/5b03c028-86aa-4646-a270-9919d2da8c48/app/ 413 KB
105 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/facebook-reviews/release/5b03c028-86aa-4646-a270-9919d2da8c48/app/facebook-reviews.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109fad99353bbe333d48b73f4596496db0f58587547646eee5efeef9fc559d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 137356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx00000000000001e22945e-00602e23c1-5eedeb1-sfo2a
cf-request-id: 085e04a52f00002c2eebbf9000000001
last-modified: Wed, 20 Jan 2021 07:59:50 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"18c7ce1811563c845a2114f190516b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pGx17iwsy5GObW3wz5Ncr%2BAcTVo97OveVEaZXQHs%2B%2BgeyAoJBa7Yf%2FrVshcgQatkXMt58ptjn87t2gorrsKu0z%2FG8clR8yEP448lJO9dokHsTr1pG19v97MLTmtt4e0A"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 62437081eaef2c2e-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/996215059/ 42 B
327 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/996215059/?random=1613773900957&cv=9&fst=1613772000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=110163062&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/996215059/ 42 B
154 B 19ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/996215059/?random=1613773900957&cv=9&fst=1613772000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=110163062&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/580489503/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/580489503/?random=1613773900961&cv=9&fst=1613772000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=1387174239&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/580489503/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/580489503/?random=1613773900961&cv=9&fst=1613772000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=1387174239&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/580489503/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
530 B

49ms
35ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TDwwYJyAPZCIlgS7-r7ADw&cid=CAQSKQCNIrLMmfsguA39xzq6y1Pn4zasvwtoFYlKVyjasM0OpF3HuUlsGCqt&random=3015948198&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 22:31:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/580489503/?random=541528421&cv=9&fst=1613773900962&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TDwwYJyAPZCIlgS7-r7ADw&cid=CAQSKQCNIrLMmfsguA39xzq6y1Pn4zasvwtoFYlKVyjasM0OpF3HuUlsGCqt&random=3015948198&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

DQ2Yjd5J-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/DQ2Yjd5J-120.vtt
https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt

5 KB
1 KB

142ms
111ms

XHR
text/vtt

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5025336d1edb4c33d186ff577eb89d33cc8138dca56f3f3273657e941075a2c4

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 938
x-served-by: cache-bwi5132-BWI, cache-fra19166-FRA
access-control-allow-origin: *
last-modified: Mon, 18 Jan 2021 11:18:01 GMT
server: nginx
x-timer: S1613773901.458811,VS0,VE99
etag: "d445ac645fb4017d9cefa87ff44776f9"
vary: Accept-Encoding
content-type: text/vtt
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 0

Redirect headers

date: Fri, 19 Feb 2021 22:31:41 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: DUS51-C1
location: https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt
x-cache: Miss from cloudfront
content-type: text/html
access-control-allow-origin: *
content-length: 178
x-amz-cf-id: tpZ9HUmL8R6MkYZrtp1pHicq-kH9g0_0rQ2inVexWgO2fcJxjCVhqQ==

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 106 KB
24 KB 15ms
14ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/related.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
age: 2692211
x-cache: HIT
content-length: 24438
via: 1.1 varnish
x-served-by: cache-fra19128-FRA
last-modified: Fri, 15 Jan 2021 21:39:11 GMT
server: AmazonS3
x-timer: S1613773901.317786,VS0,VE0
etag: "3444ba72502987ef98fe56e85bec1ecd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 487111

GET
H2

200

PSSJZVRO-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/PSSJZVRO-120.vtt
https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt

5 KB
1 KB

140ms
110ms

XHR
text/vtt

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57bfe1e2f003fe73760150f93bcabc700a196342d84a6fa4008f1b6b8e3d1911

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 826
x-served-by: cache-bwi5133-BWI, cache-fra19166-FRA
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 13:41:21 GMT
server: nginx
x-timer: S1613773901.458781,VS0,VE98
etag: "1cfe677908afed0917df077908debd79"
vary: Accept-Encoding
content-type: text/vtt
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 0

Redirect headers

date: Fri, 19 Feb 2021 22:31:41 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: DUS51-C1
location: https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt
x-cache: Miss from cloudfront
content-type: text/html
access-control-allow-origin: *
content-length: 178
x-amz-cf-id: rzuuqKtJgkWfiEZBBzAxFOSP_AfdN1KHe19dhiET4op8H0Zugma37Q==

GET
H2

200

rfaumry6-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/DQ2Yjd5J/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg

49 KB
49 KB

105ms
105ms

Image
image/jpeg

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edb636567453187de643d9ea326d6ed5489b91dab0e6f489fc2d73082483cabc

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
age: 353
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 49899
x-served-by: cache-bwi5150-BWI, cache-fra19128-FRA
access-control-allow-origin: *
last-modified: Mon, 18 Jan 2021 11:17:29 GMT
server: nginx
x-timer: S1613773902.509051,VS0,VE89
etag: "2c79d8cb1524fad7b13dc279597fc175"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Fri, 19 Feb 2021 22:31:41 GMT
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: DUS51-C1
location: https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: S-z0aUQ0eNg4sHzUoPw0DSZvuesvrE97tAiQPY-y6muMrfm6maisWw==

GET
H2

200

nx7qe81p-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/PSSJZVRO/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg

56 KB
56 KB

102ms
101ms

Image
image/jpeg

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd815ec21b627973b71f25caab033018fd26649b46a4402fb3ebf36e07e0179f

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: gzip
age: 352
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 57182
x-served-by: cache-bwi5124-BWI, cache-fra19128-FRA
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 13:40:54 GMT
server: nginx
x-timer: S1613773901.440140,VS0,VE89
etag: "662f9cc9ab7e7736bcddc39f472a8f67"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Fri, 19 Feb 2021 22:31:41 GMT
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: DUS51-C1
location: https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: pxe7fJ7jSbo6Ui8a_rWqQsaqVJsnA20sBa1-s4r_jDlwqcPpfvgYjQ==

GET
H2 200 click Show response
www.ghj65trk.com/sdk/ 85 B
435 B 121ms
121ms Fetch
application/json 34.107.168.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghj65trk.com/sdk/click?effp=c6dcea405b0f72f26b8bb37b674db62a&_ef_transaction_id=&oid=1&affid=6&__cc=&async=json&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898
Requested by: Host: www.ghj65trk.com
URL: https://www.ghj65trk.com/scripts/sdk/everflow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.168.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 04b6deb663a1b44363fc59126ce37a44aa8650926697f85f5a1a163953861ed2

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
x-eflow-request-id: 692f4d81-d557-4389-9aea-5e349566af5c
alt-svc: clear
content-length: 85

GET
H2 200 facebook Show response
storage.elfsight.com/api/ 196 B
1 KB 227ms
210ms Fetch
application/json 2606:4700:20::681a:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storage.elfsight.com/api/facebook?q=v8.0%2Fme%3Ffields%3Dname%252Clink%252Coverall_star_rating%252Crating_count&page_token=eyJpdiI6InNiNklVdkJoUURGOUNoMlJseFptNlE9PSIsInZhbHVlIjoiSFQ5aUhmalVhQVRjZWFEZHRhVmROSitXdW9uWlwvdHhpS1lZXC93RGtRNzBDd1RHdURpdW5FVk1vOTZBR05oNnlqWTRsWXpRWEMxRnh0aHNzUHhHSmR2VFlJYmJ2VHVkWjNnYTloRjZlcllPaTlyM2E1UEVJVThTaUljWXpMSkRxc2FyZW9HNlhHb2xIQ3VURENpS1VrVHJSNnFaMjhrMFROaGZhR2hxV1JxeHJJKzk1cVc4U2lMRlRtWlZjdk9OQlpSNFE3aXNYMVJUSTIrWEM5a1BCOGVPRXZyaE43TmllYkVwd25Yd2JxZmJyMFlZNUtUSnRZdENJTis2OTE0WGd3KzRPK09XZEI4a0p1ZndsNnd1c1ZuQT09IiwibWFjIjoiYWI0NTkwMjg0ZWIzMTdiY2RmNjEwNjFjYTRhOTUxMGU4YWNhYjZmMDc1NzY5N2MxNDUyNjYxNjQ3ZjAzZjA4NCJ9

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/facebook-reviews/release/5b03c028-86aa-4646-a270-9919d2da8c48/app/facebook-reviews.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa5e8ab420b5f265723ffdc53976e8c9914b25a32dd2b1f01d1cc1fc8964937

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
access-control-allow-methods: GET
strict-transport-security: max-age=0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04a66f00004a858b1d2000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8dd8M5QE%2B%2BeSEJPo1r%2FCUDnOZcVgaLPr54I4NB2hTmh9fXqHJehMRhFUsIdjQhOk3LIiUWKmnZFAl54Bamd0Kp6eFB5Jo8eFFB3%2FGPJUCkgmkMru%2BgHvImXKkjq4pf098g%3D%3D"}],"max_age":604800}
content-type: application/json
access-control-allow-origin: https://secured.kraftgun.com
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 62437083e8dc4a85-FRA
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444674280268662&ev=Microdata&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&rl=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&if=false&ts=1613773901527&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%2C%22meta%3Akeywords%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%2C%22meta%3Adescription%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1613773901023.945431994&it=1613773900734&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Feb 2021 22:31:41 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
59 B 105ms
102ms Image
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=102556840&e=e&n=4771064508362293&aid=Lhmy0L8rEem7A7ISMW1pEA&amp=0&at=1&c=-1&ccp=0&cp=0&d=2&eb=0&ed=10&emi=ct9ud5lnrr9i&i=0&id=PSSJZVRO&lsa=fail&mt=1&pbd=1&pbr=1&pgi=mhjugokq9ryd&ph=3&pid=vG2mJbcu&pii=0&pl=429&plc=1&pli=19ey1xcs4b1p&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&pv=8.18.4&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Meet%20The%20Strongest%20Massage%20Gun%20Ever%20-%20The%20Kraftgun%20Force!&tv=3.35.0&vb=0&vi=0&vl=90&wd=762&ab=0&cae=0&cb=1&cdid=botr_PSSJZVRO_vG2mJbcu_div&cme=0&dd=1&flc=0&fv=&ga=0&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FPSSJZVRO.m3u8&pbc=0&pd=2&pdr=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&plng=en-US&plt=1150&pni=0&po=0&pogt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&sp=0&st=560&sa=1613773901604
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-fra19128-FRA
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
49 B 112ms
110ms Image
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-822467228&e=e&n=4419941600138615&aid=Lhmy0L8rEem7A7ISMW1pEA&amp=0&at=1&c=-1&ccp=0&cp=0&d=2&eb=1&ed=10&emi=1jb7u7ef238q&i=0&id=DQ2Yjd5J&lsa=fail&mt=1&pbd=1&pbr=1&pgi=mhjugokq9ryd&ph=3&pid=NZo33V7a&pii=0&pl=0&plc=1&pli=tkh2h3gg2teu&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690369%26sub4%3D1123207856%26sub5%3Df7172b32836e48aab5f55fe6d9092898%26oid2%3D6711%26dmn%3Dwww.vdksda.com&pv=8.18.4&pyc=0&s=0&sdk=0&stc=2&stpe=0&t=Final%2060056c4450cee9002ff34ba6%20944444&tv=3.35.0&vb=0&vi=0&vl=90&wd=0&ab=0&cae=0&cb=1&cdid=botr_DQ2Yjd5J_NZo33V7a_div&cme=0&dd=1&flc=0&fv=&ga=0&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FDQ2Yjd5J.m3u8&pbc=0&pd=2&pdr=https%3A%2F%2Fpopularkite.com%2F1763ffaef58a8591800%2F2021_we602bfb038e982%2Fymwe%257CM21unJj%3D%257Cgd3o4%257Cwwwwx%257C1jvq6qh%257C43978%257Czzzyr124cj%257CY%257CM21unJj%3D%257CPC%257C1cvig5b%2Fp3ygp2uipaD2ZQWvMzVjZmuyLzAzK3MfK0SwqTy2MGRkqzksq2H0&plng=en-US&plt=1150&pni=0&po=0&pogt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&sp=0&st=540&sa=1613773901605
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-fra19128-FRA
x-cache: MISS
x-cache-hits: 0

GET
H2 200 app.js Show response
static-v.tawk.to/709/ 503 KB
111 KB 37ms
35ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/709/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cd1205ed07d7e0c63924148/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://secured.kraftgun.com
Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 366618
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04a7290000c29555842000000001
last-modified: Fri, 15 Jan 2021 22:41:20 GMT
server: cloudflare
etag: W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 624370850fa5c295-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
993 B 13ms
12ms XHR
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5cd1205ed07d7e0c63924148&widgetId=default

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81baf169ef807d1f5c1f840a16d469f1b2d0576dc832e2f2deeb174e6f72cf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1512
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04a76a0000c2952a934000000001
x-served-by: visitor-application-preemptive-hdrh
server: cloudflare
etag: W/"1-7-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 624370857fd5c295-FRA

POST
H2 200 1613773901678 Show response
va.tawk.to/register/ 1 KB
2 KB 231ms
217ms XHR
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1613773901678

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e63cbdc16f7cb39ef2f1f4832bf44965b78875acb44aebbdea700f8e1c5dfbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Feb 2021 22:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04a77f00004ed4fb14a000000001
x-served-by: visitor-application-preemptive-bb1b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://secured.kraftgun.com
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 624370859e6c4ed4-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A1AC 7 KB
620 B 35ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 21:12:08 GMT
server: ESF
date: Fri, 19 Feb 2021 22:31:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 22:31:41 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 1782 7 KB
620 B 31ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 21:16:34 GMT
server: ESF
date: Fri, 19 Feb 2021 22:31:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 22:31:41 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame FAD1 7 KB
1 KB 25ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 21:16:20 GMT
server: ESF
date: Fri, 19 Feb 2021 22:31:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 22:31:41 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame FAD1 192 B
246 B 22ms
7ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 862353
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 152
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by: cache-fra19138-FRA
date: Fri, 19 Feb 2021 22:31:41 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame FAD1 295 KB
53 KB 22ms
7ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 862352
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19138-FRA
date: Fri, 19 Feb 2021 22:31:41 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa39.tawk.to/s/ 101 B
227 B 666ms
663ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsa39.tawk.to/s/?k=60303c4deb6b714e1b7eff0d&u=7Py3hdKxZMFifAJGTwT92ceGLz%2Fa6%2BIjw%2FLIJEcaqyfHQ7EEevP7A6Pf86eF7IY0&uv=2&a=5cd1205ed07d7e0c63924148&cver=0&pop=false&jv=709&asver=442988&ust=false&EIO=3&transport=polling&__t=NUyQv1_

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd25a7c5e02f30a69cd8667f7c96a273b551f3128fec4bd3cfe22992f31810c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
cf-ray: 6243708738594ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101
cf-request-id: 085e04a88400004ed4e5975000000001

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame FAD1 413 B
516 B 17ms
7ms Image
image/png 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 862351
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19138-FRA
date: Fri, 19 Feb 2021 22:31:41 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa39.tawk.to/s/ 77 B
289 B 651ms
651ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fba7275682a9673a0742ea58f4e549aa93b6fd410c9329d0a53d1e3902cd494

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
cf-ray: 6243708b6ddc4ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77
cf-request-id: 085e04ab1f00004ed4fc16b000000001

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
218 B 177ms
177ms XHR
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Feb 2021 22:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085e04adac00004ed4fb196000000001
x-served-by: visitor-application-preemptive-bb1b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secured.kraftgun.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6243708f7aa44ed4-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 / Show response
vsa39.tawk.to/s/ 4 B
89 B 694ms
693ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690369&sub4=1123207856&sub5=f7172b32836e48aab5f55fe6d9092898&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 22:31:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
cf-ray: 6243708f7aa74ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4
cf-request-id: 085e04adae00004ed4d63f0000000001

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secured.kraftgun.com/	1970-01-19 16:16:14	Name: outbrain_cid_fetch Value: true
secured.kraftgun.com/	1970-01-19 20:35:25	Name: ubvs Value: 89.249.64.1711614725652806561
.kraftgun.com/	1970-01-19 18:25:49	Name: _fbp Value: fb.1.1613773901023.945431994
secured.kraftgun.com/	1970-01-20 09:47:25	Name: _sp_id.a783 Value: 2d0ca8d3-f8e7-449d-8772-49bb16f48742.1613773901.1.1613773901.1613773901.c94cc545-3f8e-4dc2-a735-c861fe2822c8
secured.kraftgun.com/special-offer/	1969-12-31 23:59:59	Name: ubrs Value: weighted
.kraftgun.com/	1970-01-20 09:47:25	Name: _lc2_fpi Value: b915b628ebc1--01eyy6q30s0pmaq6twrhhwag0a
secured.kraftgun.com/	1970-01-19 16:16:15	Name: _sp_ses.a783 Value: *
.kraftgun.com/	1970-01-19 16:39:37	Name: _uetvid Value: 3c8e91e0730211eb86369371d0bffbd0
.kraftgun.com/	1970-01-19 16:17:40	Name: _uetsid Value: 3c8e5430730211eb930b278ab8e3f2c1
.kraftgun.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .kraftgun.com
.kraftgun.com/	1970-01-19 16:20:33	Name: ubvt Value: 89.249.64.1711614725652806561
secured.kraftgun.com/special-offer/	1970-01-19 20:41:11	Name: ubpv Value: dp%2C9177cfcd-7d13-4f97-ad68-ae2e0b0577a9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1218832/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"add_to_cart","id":1218832,"tim":1613773900789}'. TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92ab5d6997844ed5b484a962b8c15274.js.ubembed.com
a.quora.com
ajax.googleapis.com
amplify.outbrain.com
apps.elfsight.com
assets-jpcust.jwpsrv.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
bit.ly
builder-assets.unbounce.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.powerinboxedge.com
cdn.taboola.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
embed.tawk.to
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gricinomis.com
popularkite.com
prd.jwpltx.com
q.quora.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
secured.kraftgun.com
ssl.p.jwpcdn.com
static-v.tawk.to
static.elfsight.com
storage.elfsight.com
tr.outbrain.com
track.rev-stripe.com
va.tawk.to
vsa39.tawk.to
www.facebook.com
www.ghj65trk.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.vdksda.com
103.253.27.81
13.226.156.219
13.226.159.129
13.226.159.37
13.226.159.89
13.84.54.237
142.250.185.130
151.101.113.2
151.101.193.131
167.114.223.193
18.196.95.178
199.232.137.44
23.218.209.87
2600:1f18:730:b110:b216:4622:d058:b1a9
2600:9000:2127:ca00:1d:11cf:5800:93a1
2600:9000:2182:2200:1:a3fa:7cc0:93a1
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700:20::681a:66b
2606:4700:20::681a:76b
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a02:26f0:7100::687e:2471
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::621
2a04:4e42:600::626
3.227.227.165
3.88.95.40
34.102.170.20
34.107.168.177
35.173.63.32
67.199.248.10
70.42.32.159
02b3bb1f88fed173c3534d0da79d5059ca521dc7dd198966c93ecb0d05899d9d
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
04b6deb663a1b44363fc59126ce37a44aa8650926697f85f5a1a163953861ed2
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0d7dfce86212c9f55721793e9d90538039a9850a1e0179a89b28e2f11b02152d
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
109fad99353bbe333d48b73f4596496db0f58587547646eee5efeef9fc559d07
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114c86edc7d1cb27c3ffbe36a75538940cec1945a0dcd18886e46ff403ad25b9
11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d3ace30022de6ae6591a86be77735d65535d81f2f09a7e6b5da4d6561a2e245
1da9819bcabac9e138d1f10c7d1c76f3da09e894f7a140ffb82e15710d877199
1dd065c2a10c5c9ab803c37299252f97e4fe7daa78734ad70600ab39e1de3da2
1fba7275682a9673a0742ea58f4e549aa93b6fd410c9329d0a53d1e3902cd494
234d0122e66c0d10aab31476a37034d125a2d02fd32aed890c40b1c4b1245809
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37db44090775a0db612e85eb879059ea05283db5af38eb665434b55399df8e1b
3a35b42068a61c55a20f5c9b684d040105ccfbac546a5459d47852159e00f0ab
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480c94856db67d2688e950a7136a771a29649a8f1bd609d5d5a58deb545c4b08
485684debae59368f4869b98b228c36719ba92fe983e42c66aea2a729c1b6f8e
4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37
4fa5e8ab420b5f265723ffdc53976e8c9914b25a32dd2b1f01d1cc1fc8964937
5025336d1edb4c33d186ff577eb89d33cc8138dca56f3f3273657e941075a2c4
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
51a5c52f86e1f5c17f703d83aea85809292aed00d81029344a6dc631c1bb2a26
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559d4a17c7aaab7f11e1186166237f5b9416a5fa7ffd0683dd69eaf890b95ea5
55e05ce33fadaa42b4fea7b79cb849c3bc84329390cfd18fe373a8d2c799143c
562c176f75228c71c53f4634f48c5b1a486710c1fd527d87346032b7b0b31ec0
57bfe1e2f003fe73760150f93bcabc700a196342d84a6fa4008f1b6b8e3d1911
59627f3e033ac9accd50430910b344872727c1bb8c50b86f24cb31831e2232bf
5ae676cbaa4682fc440d42a3f7f52d8ee7a3ea268df777efe2172f0abf80b4e3
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
64f7626a65bb8304d55454d4b8049040d0875269980147a3d6f2d5b2f14580fb
6654e48770de22777ac01873bbf8164bc4650880375aca22245f43d6cabae6ef
671d10f7c57123625a336067f3b4de6933b918cb54bc53b8f19c07c4d3fec119
676139110081858300e270e344848783134bb86a4957d009dbb35728076ca51e
6c57e3e2b22c5bf3cd60a9a7bb27fb9447b5dc632b7f2ae2401e611ba6a635c6
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
718979297beb70a013363d25eecad1fd17fd33b7f28105905ec7786337557a5c
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
805ecfd7d133a29af3e4aa9860423382673a4f7986e8c0ff7574eeeab3976fa9
81baf169ef807d1f5c1f840a16d469f1b2d0576dc832e2f2deeb174e6f72cf6a
847b27981dd4481fb07cb2b37f1b8f97e9eaaf8aac1d03056c848aaaf7fe8a26
89ffbe9e6cde6f9a1887c2132dba300a9f57d3ceb3dcb4042947e0cd8fdf0f9e
8c7130370033d153a95ab055b0d43797fd69e80dd1473e2d6317f36e4740a722
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
95ae25c936e35ab8dfe9eadaeb5854cf241279f4d7f72a954285e12bb5ee0212
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a168a45678f7bce828e1a68b728db75794e0f57aefd292d1957606dd4e657105
a28afcf4acdbf76fa66d2e70a5247503b4c4c8513f60fa502c030f188e610401
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b21d841d8c418f185506ff91595be0acb8ac14e9ff8c129ba1a0a7138c11184b
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
c64b3c13cbec214d71d5bb65728b45743ff4defc44da055c2d0ce8b3d0aa7e72
ca18b4566b2617faf5874673737c4f8bc9054b31cb815db233638af08d656fdb
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb6455cb0bee893bfdad8ce1adb134523cfa2a371430626fd1f5a574db6f5a2
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d576307215d8210dc87ef40f71a4c2eb4f283d807179544dce9321ecd2117604
d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929
dd815ec21b627973b71f25caab033018fd26649b46a4402fb3ebf36e07e0179f
dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e1f14612916bca52fcd4e2df47e39fb08b1dab021cf0585f2279e35b2a542ecb
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63cbdc16f7cb39ef2f1f4832bf44965b78875acb44aebbdea700f8e1c5dfbea
ebd25a7c5e02f30a69cd8667f7c96a273b551f3128fec4bd3cfe22992f31810c
ed5969737902a6ab2815c64df0d19336fe38d3ed2e020e481fd3c90bc97dd520
edb636567453187de643d9ea326d6ed5489b91dab0e6f489fc2d73082483cabc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
efa4dd86e7978014e1a3eacdee1f5dea2bd05033f7cfd1af6928dd0c7bd6111b
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6cb35768200fed66c189f15b5d753304edfc6c815f418b06c975a501c428ec7
f9423e6b6787be5118f00c71c19df2146fa7bc508f34d9e2d40cdff38b016306
f9f3a9510b5367a09a2f85a8aeca7086409a2ef900c5d980e50e7b3947b1acec
fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8

secured.kraftgun.com Open in urlscan Pro 18.196.95.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

108 Requests

99 %HTTPS

51 %IPv6

34 Domains

46 Subdomains

38 IPs

5 Countries

1522 kBTransfer

4414 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secured.kraftgun.com Open in urlscan Pro
18.196.95.178 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

99 %
HTTPS

51 %
IPv6

34
Domains

46
Subdomains

38
IPs

5
Countries

1522 kB
Transfer

4414 kB
Size

12
Cookies

108 HTTP transactions
1 data transactions