client.ppcshield.io Open in urlscan Pro
2606:4700:20::681a:ec2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://client.ppcshield.io/
Effective URL:
https://client.ppcshield.io/login
Submission: On September 14 via manual (September 14th 2023, 7:20:26 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 23 domains to perform 66 HTTP transactions. The main IP is 2606:4700:20::681a:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is client.ppcshield.io. The Cisco Umbrella rank of the primary domain is 420300.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2023. Valid for: a year.

This is the only time client.ppcshield.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	2606:4700:20:... 2606:4700:20::681a:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
3	13.225.34.93 13.225.34.93	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
1	52.84.18.89 52.84.18.89	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
1	18.64.183.69 18.64.183.69	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
2	2600:141b:13:... 2600:141b:13::17d7:8252	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	162.159.153.247 162.159.153.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3768	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	184.29.129.105 184.29.129.105	16625 (AKAMAI-AS) (AKAMAI-AS)
2	91.201.28.212 91.201.28.212	203480 (QUALITYUNIT) (QUALITYUNIT)
1	44.219.60.126 44.219.60.126	14618 (AMAZON-AES) (AMAZON-AES)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:250... 2600:9000:2507:8200:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	52.85.247.60 52.85.247.60	16509 (AMAZON-02) (AMAZON-02)
1	54.75.154.185 54.75.154.185	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20aa:e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
1	44.236.147.194 44.236.147.194	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.18.221.102 52.18.221.102	16509 (AMAZON-02) (AMAZON-02)
66	32

11 2606:4700:20::681a:ec2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

client.ppcshield.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.34.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-93.cdg3.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.18.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-18-89.ord53.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.183.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-183-69.ord58.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::17d7:8252 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.29.129.105 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-105.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.201.28.212 (Slovakia)

ASN203480 (QUALITYUNIT, SK)

ppcshield.postaffiliatepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.219.60.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-60-126.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2507:8200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.247.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-247-60.ord51.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.154.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-154-185.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20aa:e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.147.194 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-147-194.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.221.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-221-102.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ppcshield.io 2 redirects client.ppcshield.io — Cisco Umbrella Rank: 420300	954 KB
9	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8039	3 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1526 q.stripe.com — Cisco Umbrella Rank: 9326 m.stripe.com — Cisco Umbrella Rank: 1429	135 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 410 www.linkedin.com — Cisco Umbrella Rank: 692 px4.ads.linkedin.com — Cisco Umbrella Rank: 6273	5 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 125 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 180	24 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3248 tr.outbrain.com — Cisco Umbrella Rank: 2995 wave.outbrain.com — Cisco Umbrella Rank: 3199	8 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	229 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3619	70 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	239 B
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2988 content.hotjar.io — Cisco Umbrella Rank: 7457	420 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1625	18 KB
2	postaffiliatepro.com ppcshield.postaffiliatepro.com	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	168 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6422 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5725	3 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 5595 q.quora.com — Cisco Umbrella Rank: 3991	15 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 970	9 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 905 script.hotjar.com — Cisco Umbrella Rank: 1125	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	172 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	2 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1189	378 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1118	7 KB
66	23

	Domain	Requested by
11	client.ppcshield.io	2 redirects client.ppcshield.io static.cloudflareinsights.com
9	mc.yandex.com	3 redirects client.ppcshield.io mc.yandex.ru
3	px.ads.linkedin.com	3 redirects
3	q.stripe.com	client.ppcshield.io
3	mc.yandex.ru	2 redirects client.ppcshield.io
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	client.ppcshield.io
3	js.stripe.com	client.ppcshield.io js.stripe.com
2	www.facebook.com	client.ppcshield.io
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	tr.outbrain.com	amplify.outbrain.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	ppcshield.postaffiliatepro.com	www.googletagmanager.com ppcshield.postaffiliatepro.com
2	connect.facebook.net	client.ppcshield.io connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	client.ppcshield.io www.google-analytics.com
2	fonts.googleapis.com	client.ppcshield.io
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	analytics.google.com	www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	px4.ads.linkedin.com	client.ppcshield.io
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	wave.outbrain.com	amplify.outbrain.com
1	q.quora.com	client.ppcshield.io
1	amplify.outbrain.com	client.ppcshield.io
1	rum-static.pingdom.net	www.googletagmanager.com
1	a.quora.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	static.hotjar.com	client.ppcshield.io
1	static.cloudflareinsights.com	client.ppcshield.io
1	apis.google.com	client.ppcshield.io
66	37

This site contains links to these domains. Also see Links.

Domain
www.ppcshield.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-25` - `2024-03-24`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
quora.com R3	`2023-08-08` - `2023-11-06`	3 months	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2022-11-13` - `2023-11-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-24` - `2023-09-22`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.postaffiliatepro.com R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.quora.com R3	`2023-09-03` - `2023-12-02`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M01	`2023-02-10` - `2023-12-20`	10 months	crt.sh

This page contains 3 frames:

Primary Page: https://client.ppcshield.io/login
Frame ID: FE606316AB60386A5A898BFA83916A34
Requests: 58 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: E1678A147C87F19199E203DC855392D1
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 162B97F4EDC47103A8DF1EDDB044DDF7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login To Your PPC Shield Account.

Page URL History Show full URLs

http://client.ppcshield.io/ HTTP 301
https://client.ppcshield.io/ HTTP 302
https://client.ppcshield.io/login Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

66
Requests

94 %
HTTPS

58 %
IPv6

23
Domains

37
Subdomains

32
IPs

6
Countries

1903 kB
Transfer

6009 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ppcshield.io/pricing/
Title: Sign Up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://client.ppcshield.io/ HTTP 301
https://client.ppcshield.io/ HTTP 302
https://client.ppcshield.io/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3488025%26time%3D1694719220548%26url%3Dhttps%253A%252F%252Fclient.ppcshield.io%252Flogin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKbixfhhubVWQAAAYqVIx1ttQ38QZBcxC8qNzwtPVTr80NS9kxOKFOYxyYrK2s781f_sw

Request Chain 56

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10126.LQYqibfFdcPFwgKbkGLavz08gEZlvQAjciWnHGaxaUs26dbgDNBdsruFcBSlShEj.VK_47UdWf9lyP5OiFvXkXcrYr6s%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10126.jBPdrcdArVLHbyMcwRsJcEfRwYx-RWMZxNh_sfQ0OhynNqmOhK7TbavkeeWAH5H5tXtJAF3nfaNnfSWVwWIxciWC1jMQ0__dev0Bgin34w8%2C.W5LSCnX8Z0cxpbe8MOH9ZvUzQJ8%2C

Request Chain 58

https://mc.yandex.com/watch/74946712?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A466229225736%3Ahid%3A1046248455%3Az%3A-600%3Ai%3A20230914092021%3Aet%3A1694719221%3Ac%3A1%3Arn%3A59780294%3Arqn%3A1%3Au%3A1694719221116923157%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C343%2C1%2C502%2C0%2C%2C841%2C2%2C%2C%2C%2C2074%3Aco%3A0%3Acpf%3A1%3Ans%3A1694719218009%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694719222%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A466229225736%3Ahid%3A1046248455%3Az%3A-600%3Ai%3A20230914092021%3Aet%3A1694719221%3Ac%3A1%3Arn%3A59780294%3Arqn%3A1%3Au%3A1694719221116923157%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C343%2C1%2C502%2C0%2C%2C841%2C2%2C%2C%2C%2C2074%3Aco%3A0%3Acpf%3A1%3Ans%3A1694719218009%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694719222%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 61

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10126.IT1kpWjfwRFZCa_KacnP7ridJ0LCDcD9i8RPBl9nWNRJQ7XmZjheAjcleW9pSvsb.MyiPouqcrwBljCbjh6E1F0sndFU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10126.E8qGFExM9hCgdoAu_Kiu69BKIsS2cVJA3dOnRkzW7h0XZlBz0OOQmzQ2rexKC6GUTj6ezF2E3YyW26pZlxbZjalxJhK_GAsBSPHAFEXjZ0I%2C.w9il6cX6gre0i-hr7azSXNfKvOM%2C

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
client.ppcshield.io/
Redirect Chain

http://client.ppcshield.io/
https://client.ppcshield.io/
https://client.ppcshield.io/login

4 KB
2 KB

343ms
343ms

Document
text/html

2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389c01e1674f42c9799e5f5ed392e7a34009a30f94ce4c52f3a6f94a2a37fd1d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 806afc8bca25334f-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Sep 2023 19:20:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBwabKpQHjHVCZAnbNTRQCEE98JINMOKFZGmtyg%2Bp%2Bbu6GuBtA8ZS9U00G5G1RN9TewSCkkJS51BR4QYOia3CsxbpGsaQT3AvAtOWKsJTXypTdFZweIU8HPKKt%2BYQUO2UhvNE1wIqj5nkgvxSWLjRzk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache, private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 806afc89ce96334f-MIA
content-type: text/html; charset=UTF-8
date: Thu, 14 Sep 2023 19:20:18 GMT
location: https://client.ppcshield.io/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lj14Yxpd0vlnVXFy1To4z%2B%2B99g8lwwpIABQZEye2AAOqcWn8rm%2FHqoK%2FOjRHke7pyQ2aSM0E8znHUnr3a6%2BPPinHiZL1Lb3awN4zmjc5FP%2BF3M%2Fbjk4Z%2FYIrNLc2prB2uUu8weTkxl%2Fst2B8hHeAhJY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 vendor.js Show response
client.ppcshield.io/js/ 183 KB
66 KB 564ms
562ms Script
application/javascript 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/js/vendor.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

798a37ca9975da4cbda197e29f35821626777886259249533f2cc30d6830fdda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Jul 2020 14:27:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2db6b-5ab1ca859f9c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqW4R%2Fnss3NoQZdpr8kFB%2BWPe%2FFMXTJYEaBxRrJqE1QSUt8qTNg5hAC9ByXTjmOZXAjr0%2BTx75FlIFAID4eqlqqm3rN%2FTWxJB7jbuMGgiSYuB%2BMFWJbvZM1pztcX8nVTQE6PxfpAHgQvKmNAXR62wQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 806afc8dfd92334f-MIA

GET
H2 200 app.js Show response
client.ppcshield.io/js/ 3 MB
820 KB 811ms
810ms Script
application/javascript 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/js/app.js?id=6baee40bb722fa7ac052

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03921922a28716a4a69caeea11598aaca7f50273a65e5bf55b8a7733ffb908d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 11:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"28e1d9-5e426da7d9be9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hh8fsbrhKkrOG17p%2BfrFGvu8BYyOFVr3uoXRBtZWzIgN9XYcuplzFelwJZxDHSWgxWlmz1RssWSB30nsymHBiGA%2FcjULrhrQDHn2jiGPJ8ezi63B1uSmt%2BSv5XRfBRVwPtY0uSvvewaMrcmexHe4Ds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 806afc8dfd96334f-MIA

GET
H2 200 site.js Show response
client.ppcshield.io/js/ 4 KB
2 KB 301ms
301ms Script
application/javascript 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/js/site.js?id=d1f85d0d62231572ee12

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4229dba63d704baf25978036e4e1b39fd2345b663821f7cf6a10b8370e18b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 11:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"edc-5e426da7d9be9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ji%2FJgmg44taDx1%2FZHu6DcK73mUAOuUY7tHHeQMzsyIXcUAdMmNySeb%2BS1NqU7V5L%2FhuTpHj1pSV5PHVNXWR9LSD50%2B408CRTOelL4gDdjvut2pwwCgspgW55Vc%2Bl10AUkcGsM5EbSegDduaeG2cris%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 806afc92deb3334f-MIA

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 282ms
99ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13499aaf026263e1df495859efe16fc7e928d087b1206a593594cc7bee4728a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 19:20:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21840
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "6d6113196b448c31"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:20:19 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 526 KB
131 KB 505ms
166ms Script
text/javascript 13.225.34.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-93.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a746d5b37c53e3fef07b43c0298eca710e7c5ce740d55e07abd31e4aa82fe285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 19:20:17 GMT
via: 1.1 19fefe7d41cfedb99873c7b5cd95d410.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 6
x-cache: Hit from cloudfront
last-modified: Thu, 14 Sep 2023 17:24:48 GMT
server: Cloudfront
etag: W/"c4e1c571336505c614a9ef3605f3ca58"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: CA1MSGgU9xXp_RXxwUv8Hc3Ul3uor2vuDbiFCtpVpa1vnDYYyTNqIQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 337ms
104ms Script
text/javascript 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?lang=en&hl=en

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55f61747679ff2170e7d32959a679a179e59d0d2872a17e2eabe5124c8fb4e97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 835
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 19:20:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
623 B 305ms
136ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 18:30:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 19:20:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 302ms
134ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 18:23:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 19:20:19 GMT

GET
H2 200 app.css
client.ppcshield.io/css/ 230 KB
39 KB 444ms
443ms Stylesheet
text/css 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/css/app.css?id=1d4640dbaf5b2b56036d

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cac1c6495f64814ce02267e009f82914ecb2ee671e49a2d6ff7f7cd1d0eb174

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 11:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3987a-5e426da7d9be9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxyR2auOzkP9qqUB9CN93TwjFfggofAcUHflAn4AeDl3swHbKAgdYBF93bF9OsWDgRqIcFTNkoEG3D3MQCdoJDZYgPKjcwq%2FVWenfFjC9OvXgz3JF3BU0kcq1AOM40Ys3pewYrza79BRPx0pRVwcVk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 806afc8dfd94334f-MIA

GET
H2 200 logo-black.png
client.ppcshield.io/images/ 9 KB
9 KB 308ms
307ms Image
image/png 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.ppcshield.io/images/logo-black.png

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1243a867dd7b0823883fc1f6d37d7acb9a606526266288025df69244763ea4b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Nov 2020 06:08:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2413-5b3199485ad6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkV8ajyDK8NPRz55P%2FyLJ5ZdUaiCeAk%2Bx8xa7oC1GsBg0eGLn8V3iAg6xZu7I1UbvE5h9dU5zDQGVsupOiiUkVs1McGmAimpM3VOUaU13NqyDqFhaS5hImiTitgtkMkQMzTYp8s%2Bhe9xSDROtKx%2BqHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 806afc932f49334f-MIA
content-length: 9235

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 268ms
193ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: client.ppcshield.io
URL: https://client.ppcshield.io/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://client.ppcshield.io/
Origin: https://client.ppcshield.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 806afc939c3f31f2-MIA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
88 KB 291ms
118ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a034f7335148b1792f2387e4a04959ee1231dc4961446aa611dfb6952d01fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89419
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Sep 2023 19:20:19 GMT

GET
H2 200 hotjar-2493178.js Show response
static.hotjar.com/c/ 10 KB
4 KB 351ms
178ms Script
application/javascript 52.84.18.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2493178.js?sv=6

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.18.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-18-89.ord53.r.cloudfront.net

Software

Resource Hash

ab59f06fdbca03e764113929de79c5c4a5652444866bd3e66bab361c62a662be

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 19:20:19 GMT
via: 1.1 6f42e9f609a70feab6011df8d55ce5c2.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C2
etag: W/2c56759359d3a254337b213b7c87cb81
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: bl92uAIhTworU41WXo5KcylCvFZ7-PFZHyT78Wd-u_X0KQhcu8ByPg==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ 453 KB
182 KB 278ms
87ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?lang=en&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.ppcshield.io/
Origin: https://client.ppcshield.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185696
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 22:19:18 GMT

GET
H2 200 Login-page-image.svg
client.ppcshield.io/images/ 14 KB
7 KB 305ms
304ms Image
image/svg+xml 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.ppcshield.io/images/Login-page-image.svg

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2f49cd3c80140bc96656cfbd9c08a2c0254db3d3e974551b8e862cf27f5a80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Mar 2021 12:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3689-5bda6cd95b337"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J48s%2FFCRQHvupcLuYFMUzSwKwpzn4B7cWUIrkiB8Y7KpeflTK%2F0ne9%2BnB%2FDUMNW3NRS9axaSJSfyCgBvHvJaQlBeUmCC9o%2BLN0C8Rao5t8muYJ2ME1o3r7QELsyQAMKUwl6iMLIXPtC9wWJ7QqXTNEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
cf-ray: 806afc932f56334f-MIA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 242ms
74ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.ppcshield.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 21:01:26 GMT
x-content-type-options: nosniff
age: 80333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 21:01:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 261ms
93ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.ppcshield.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 20:47:37 GMT
x-content-type-options: nosniff
age: 81162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 20:47:37 GMT

GET
H2 200 logo-black.png
client.ppcshield.io/images/ 6 KB
7 KB 44ms
43ms Image
image/webp 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.ppcshield.io/images/logo-black.png

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34f93f885cee5d4d2504e34a0abc4b56c2c28f7d8a28f010c3af834efb0778b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
cf-polished: origFmt=png, origSize=9235
content-disposition: inline; filename="logo-black.webp"
content-length: 6358
cf-bgj: imgq:100,h2pri
last-modified: Mon, 02 Nov 2020 06:08:50 GMT
server: cloudflare
etag: "2413-5b3199485ad6d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNLOjmV6wxRStZmTeRaEBhEyV5I0uOjcNtLahkRVGR8ON1FcTFYatB936ZWKzGNYv4ZxM1QcOJZYogNtjQAms3j3JZDCZd1hbgYuplsqoG9KgnhQKeZ2YT1wN6TKN3gdiE%2FpqDjxAZKJVmf7vDm96jk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 806afc959ba1334f-MIA

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame E167 200 B
1 KB 137ms
136ms Document
text/html 13.225.34.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-93.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.ppcshield.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3493
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 14 Sep 2023 18:22:07 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 19fefe7d41cfedb99873c7b5cd95d410.cloudfront.net (CloudFront)
x-amz-cf-id: ipbwVkL9pa-XLcuFDP3PP18-OwrdLNBat-zEkpinxm3IlgjEEzvv2g==
x-amz-cf-pop: CDG3-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 76ms
76ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.ppcshield.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 01:12:32 GMT
x-content-type-options: nosniff
age: 497268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 01:12:32 GMT

GET
H2 200 modules.b1d0ab810250ab067071.js Show response
script.hotjar.com/ 223 KB
55 KB 215ms
72ms Script
application/javascript 18.64.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b1d0ab810250ab067071.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2493178.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.183.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-183-69.ord58.r.cloudfront.net

Software

Resource Hash

de6532713adce1f41c54a9c16d67acb3b567f9b660a422dd81a2e9c562006c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ddb54065776b6034dded842bf3f01118.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P2
age: 21014
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55750
last-modified: Thu, 14 Sep 2023 13:29:45 GMT
etag: "6b776c41a374521051e75fc2d87b8d0a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: B5M1EbKYEJ3cofvISthIVxc7BTyN8KsfNl3Zg-i2-ZgTG1aFZjE3lA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 261ms
81ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 18:27:56 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Sep 2023 20:27:56 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/413579569/ 2 KB
2 KB 313ms
125ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/413579569/?random=1694719220208&cv=11&fst=1694719220208&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20To%20Your%20PPC%20Shield%20Account.&auid=837159794.1694719220&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf14ca9e94c36438a1ab2bfddcb3261407a34540396bd4f3f6dac8d9d7c28a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 231ms
65ms Script
application/x-javascript 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=42117
accept-ranges: bytes
content-length: 3822

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
14 KB 133ms
42ms Script
text/plain 162.159.153.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 004b8e51f135d2301a2f4a3095bff25c1e513cfcbfc262b2619044c013ad3fbd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
x-amz-version-id: JkV8DxJFOm6bAd.FN2cCEZGaprkpf4SX
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: E0APRYDJ8P7BWDBR
age: 39579
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: agRi9P2kqbghiTayNhrU/nuCPCoqXr5P4OrypddqsAeG22pPfxNdDs92LFsbyArrNTqNkSIG2YY=
last-modified: Mon, 28 Aug 2023 18:47:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:f9b3de4bccf9cbb848acf8a33500ffd3
etag: W/"f9b3de4bccf9cbb848acf8a33500ffd3"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 806afc97097f2227-MIA
expires: Thu, 14 Sep 2023 23:20:20 GMT

GET
H2 200 pa-5ed7c7ca8e83fa001500025d.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 592ms
519ms Script
application/javascript 2606:4700:10::6816:3768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5ed7c7ca8e83fa001500025d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d47a7d63d1cef178c9ae032fcf019f1784284ab28348a3808cb263a29a60ba9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 806afc96e9732215-MIA
expires: Thu, 14 Sep 2023 19:25:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 205ms
66ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Sep 2023 19:20:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: /ir7ARqHQDPk60GbwZK+gSb2LbzbElfVmxTES1q9wuIgujiCMReYwxZwoRPw4yG5mKTvD5LZTQgRLT+Z0v18sQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 760ms
379ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 11:49:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f98ea1-11420"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70688
expires: Thu, 14 Sep 2023 20:20:20 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 212ms
67ms Script
application/x-javascript 184.29.129.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: client.ppcshield.io
URL: https://client.ppcshield.io/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.129.105 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-105.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 19:20:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 10:04:36 GMT
Server: AkamaiNetStorage
ETag: "5815fbf64c9af594c239523fd631e077:1692096292.680957"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7087
Expires: Thu, 14 Sep 2023 19:40:20 GMT

GET
H2 200 q8790mjv6 Show response
ppcshield.postaffiliatepro.com/scripts/ 27 KB
6 KB 690ms
168ms Script
application/javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://ppcshield.postaffiliatepro.com/scripts/q8790mjv6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GH3HD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

61a370ef1e85081932323b6b07009f20b0db76ef19484b2bb20a14e14235c85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (2.lb-app.pap.ws-eu)
x-srv: 1
age: 0
last-modified: Wed, 31 May 2023 13:39:28 GMT
server: nginx
etag: W/"6a50-5fcfd72e3a400"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 694654307
cache-control: max-age=120
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:22:20 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/b5b364d1aba841e1b731568900396ccc/ 43 B
421 B 240ms
61ms Image
image/gif 44.219.60.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/b5b364d1aba841e1b731568900396ccc/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fclient.ppcshield.io%2Flogin

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.219.60.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-219-60-126.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 19:20:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,70717cc55872f5f2d28eb54c34d6eb2e,10.0.0.68,45124,38.132.118.76,,153261518743,1,1694719220.560,0.001,,.,0,0,0.000,0.004,-,0,0,197,194,97,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E167 631 B
1 KB 137ms
136ms Script
text/javascript 13.225.34.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-93.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 14 Sep 2023 19:16:22 GMT
x-content-type-options: nosniff
via: 1.1 19fefe7d41cfedb99873c7b5cd95d410.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 239
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Hhv3Qe2a3rb-pKr5ZwZmh9drjxIdHriUCG3GmJKdfeFloW3Es6rPyA==

POST
H2 200 csp-report
q.stripe.com/ Frame E167 0
717 B 336ms
112ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694719220646178
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694719220645854
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E167 0
718 B 334ms
110ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694719220646236
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694719220645947
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 162B 930 B
2 KB 217ms
65ms Document
text/html 2600:9000:2507:8200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2507:8200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 50
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 14 Sep 2023 19:19:31 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 63a4e61b4b406c1536ed36dc35d5a134.cloudfront.net (CloudFront)
x-amz-cf-id: DK3x49GG5VugoHEGHTUHcL3sT7Up2Q7q3QZgG0wUZcxgLk9yH4z5XA==
x-amz-cf-pop: ORD58-P7
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 266ms
66ms Ping
image/gif 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=05346463553257939&referrer=&cht=gtm&marketerId=00f3b2867d4bf5e6a9e48b09982c89f2e1&name=PAGE_VIEW&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 19:20:20 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 1215dda82b78392477744119f0a49b58
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 264ms
84ms Script
application/javascript 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00f3b2867d4bf5e6a9e48b09982c89f2e1
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: br
X-TraceId: bf14db480a3151c02b70aba2edea2850
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00f3b2867d4bf5e6a9e48b09982c89f2e1 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 229ms
86ms Script
text/html 184.29.129.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/00f3b2867d4bf5e6a9e48b09982c89f2e1
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.129.105 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 19:20:20 GMT
Content-Encoding: gzip
ob-sent-time: 1694592059815
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=60
X-CC: US
Connection: keep-alive
X-TraceId: bdd090ddd42e670d8ad63f0dac5ea20a
Content-Length: 22
Expires: Thu, 14 Sep 2023 19:21:20 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 65ms
65ms Script
application/x-javascript 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=37204
accept-ranges: bytes
content-length: 4862

GET
H2 204 2493178 Show response
vc.hotjar.io/sessions/ 0
259 B 338ms
145ms XHR
text/plain 52.85.247.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2493178?s=0.25&r=0.14167198706345463
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b1d0ab810250ab067071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.247.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-247-60.ord51.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
via: 1.1 4657350ff2715d2be9ad9783d238616a.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: ORD51-C4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: tIQOegAjCCYEjiYYd6drWYJLtiLkNIv7DjOvQz9JDXaeRZYkPbvprg==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 438ms
141ms XHR
application/json 54.75.154.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b1d0ab810250ab067071.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.75.154.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-154-185.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 30696ca1be16f6a0d6c95441f59975bdf9fab0d6bffc14918daa2d99c7be384e

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 14 Sep 2023 19:20:20 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 97ms
96ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1784911294&t=pageview&_s=1&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&ul=en-us&de=UTF-8&dt=Login%20To%20Your%20PPC%20Shield%20Account.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=667619683&gjid=156573066&cid=1099645811.1694719221&tid=UA-74617829-10&_gid=1953395572.1694719221&_r=1&_slc=1&gtm=45He39d0n81N8GH3HD&z=1426121246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8147ca41a5022280c5426591a55630bc602530f4b3e5a2a89e0e1ba28649c231

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.ppcshield.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/413579569/ 42 B
327 B 110ms
110ms Image
image/gif 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/413579569/?random=1694719220208&cv=11&fst=1694718000000&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&frm=0&tiba=Login%20To%20Your%20PPC%20Shield%20Account.&fmt=3&is_vtc=1&random=1766318834&rmt_tld=0&ipr=y

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3488025/domain/client.ppcshield.io/ 36 B
378 B 213ms
61ms XHR
application/json 2600:9000:20aa:e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3488025/domain/client.ppcshield.io/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://client.ppcshield.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:42:41 GMT
content-encoding: gzip
via: 1.1 27eb501c8caff149895f88cac34554ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 23859
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=26871
x-amz-cf-id: CCSFC7N7B3E3zx-2z7F0p2Kvkoz1eYfA50N6fEhslkfAwsz5mSJmLQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3488025%26time%3D1694719220548%26url%3Dhttps%253A%252F%252Fclient.ppcshield.io%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKbixfhhubVWQAAAYqVIx1ttQ38QZBcxC8q...

0
489 B

223ms
145ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKbixfhhubVWQAAAYqVIx1ttQ38QZBcxC8qNzwtPVTr80NS9kxOKFOYxyYrK2s781f_sw
Requested by: Host: client.ppcshield.io
URL: https://client.ppcshield.io/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 78529AEB9AD34E69B335EC29A0A6C1D6 Ref B: MIA301000103023 Ref C: 2023-09-14T19:20:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFVpEuC/VFGR6jjs08tw==

Redirect headers

date: Thu, 14 Sep 2023 19:20:20 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 40BB29D45CC14FAABFC76C5773D2B2F1 Ref B: MIAEDGE2916 Ref C: 2023-09-14T19:20:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3488025&time=1694719220548&url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKbixfhhubVWQAAAYqVIx1ttQ38QZBcxC8qNzwtPVTr80NS9kxOKFOYxyYrK2s781f_sw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFVpEq3RvAYsYiZrShDA==

GET
H2 200 439864737329509 Show response
connect.facebook.net/signals/config/ 420 KB
115 KB 118ms
118ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/439864737329509?v=2.9.127&r=stable&domain=client.ppcshield.io

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b19126f23c8e043307853da272499605cd6faa60b72d59df051700f6684d6290

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Sep 2023 19:20:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Ny0pwoXBqVpZXEXINuLoEPUp8R6LaLa5W17/ZfpnLcPUIIEIhSyAZWDuj0SMd6JkWMkpTA1RVwC2dshGXWAKZw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 162B 0
491 B 113ms
113ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694719220646915
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1694719220646616
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 162B 87 KB
16 KB 90ms
90ms Script
text/javascript 2600:9000:2507:8200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2507:8200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 19:19:08 GMT
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
via: 1.1 63a4e61b4b406c1536ed36dc35d5a134.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P7
etag: W/"69cb7809b5011312e716f29b3d19dce6"
age: 73
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: AHwYz2VOMN6TyyBfcmEMVYZPGjjz6vWAJ976E4cfM4vbdoyn2pKnyA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
349 B 192ms
69ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-74617829-10&cid=1099645811.1694719221&jid=667619683&gjid=156573066&_gid=1953395572.1694719221&_u=YEBAAEAAAAAAACAAI~&z=1487809772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Sep 2023 19:20:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.ppcshield.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
84 KB 128ms
127ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2ZC8DXKNPC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

506c55d35e5c54fc631c6557fe3c0907621cdc814f7a4d3fe842261c7a2e0de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 19:20:20 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 162B 156 B
669 B 341ms
115ms XHR
application/json 44.236.147.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.147.194 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-147-194.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

03f6f00f9e25eb9b2caae81c0587a97b3bcc6adc8731619e48086fcd483efdc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 14 Sep 2023 19:20:21 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694719221038184
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694719221037882
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 203ms
66ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=439864737329509&ev=PageView&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rl=&if=false&ts=1694719220801&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694719220800.2009013147&it=1694719220574&coo=false&rqm=GET

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Sep 2023 19:20:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
247 B 261ms
99ms Ping
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-2ZC8DXKNPC&_ono=1&gtm=45je39d0&_p=1784911294&_gaz=1&ul=en-us&sr=1600x1200&cid=1099645811.1694719221&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&dt=Login%20To%20Your%20PPC%20Shield%20Account.&sid=1694719220&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZC8DXKNPC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.ppcshield.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 69ms
68ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-2ZC8DXKNPC&cid=1099645811.1694719221&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZC8DXKNPC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.ppcshield.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 84ms
84ms Image
image/gif 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74617829-10&cid=1099645811.1694719221&jid=667619683&_u=YEBAAEAAAAAAACAAI~&z=2120464222

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 q8790mrv6 Show response
ppcshield.postaffiliatepro.com/scripts/ 66 B
354 B 161ms
161ms Script
application/x-javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://ppcshield.postaffiliatepro.com/scripts/q8790mrv6?accountId=default1&url=S_client.ppcshield.io%2Flogin&referrer=&isInIframe=false&getParams=&anchor=
Requested by: Host: ppcshield.postaffiliatepro.com
URL: https://ppcshield.postaffiliatepro.com/scripts/q8790mjv6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash: 33fdd3e3b40a5265e139b9c4a14d68385c0f194b0494c38931d9da880c5fec31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: application/octet-stream, application/x-javascript
date: Thu, 14 Sep 2023 19:20:21 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10126.LQYqibfFdcPFwgKbkGLavz08gEZlvQAjciWnHGaxaUs26dbgDNBdsruFcBSlShEj.VK_47UdWf9lyP5OiFvXkXcrYr6s%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10126.jBPdrcdArVLHbyMcwRsJcEfRwYx-RWMZxNh_sfQ0OhynNqmOhK7TbavkeeWAH5H5tXtJAF3nfaNnfSWVwWIxciWC1jMQ0__dev0Bgin34w8%2C.W5LSCnX8Z0cxpbe8MOH9ZvUzQJ8%2C

43 B
67 B

192ms
192ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10126.jBPdrcdArVLHbyMcwRsJcEfRwYx-RWMZxNh_sfQ0OhynNqmOhK7TbavkeeWAH5H5tXtJAF3nfaNnfSWVwWIxciWC1jMQ0__dev0Bgin34w8%2C.W5LSCnX8Z0cxpbe8MOH9ZvUzQJ8%2C

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10126.jBPdrcdArVLHbyMcwRsJcEfRwYx-RWMZxNh_sfQ0OhynNqmOhK7TbavkeeWAH5H5tXtJAF3nfaNnfSWVwWIxciWC1jMQ0__dev0Bgin34w8%2C.W5LSCnX8Z0cxpbe8MOH9ZvUzQJ8%2C
date: Thu, 14 Sep 2023 19:20:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
138 B 191ms
191ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: client.ppcshield.io
URL: https://client.ppcshield.io/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:21 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 11:49:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f98ea1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 14 Sep 2023 20:20:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/74946712/
Redirect Chain

https://mc.yandex.com/watch/74946712?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1698%3Afu%3A0%...
https://mc.yandex.com/watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1698%3Afu%3A...

435 B
841 B

192ms
192ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A466229225736%3Ahid%3A1046248455%3Az%3A-600%3Ai%3A20230914092021%3Aet%3A1694719221%3Ac%3A1%3Arn%3A59780294%3Arqn%3A1%3Au%3A1694719221116923157%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C343%2C1%2C502%2C0%2C%2C841%2C2%2C%2C%2C%2C2074%3Aco%3A0%3Acpf%3A1%3Ans%3A1694719218009%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694719222%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

385bfbd14a3b04715b2f961092fd3b1a5306f97de8da8b96388729294c859846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 14-Sep-2023 19:20:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Thu, 14-Sep-2023 19:20:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:21 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14-Sep-2023 19:20:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/74946712/1?wmode=7&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A466229225736%3Ahid%3A1046248455%3Az%3A-600%3Ai%3A20230914092021%3Aet%3A1694719221%3Ac%3A1%3Arn%3A59780294%3Arqn%3A1%3Au%3A1694719221116923157%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C343%2C1%2C502%2C0%2C%2C841%2C2%2C%2C%2C%2C2074%3Aco%3A0%3Acpf%3A1%3Ans%3A1694719218009%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694719222%3At%3ALogin%20To%20Your%20PPC%20Shield%20Account.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 14-Sep-2023 19:20:21 GMT

POST
H2 204 rum Show response
client.ppcshield.io/cdn-cgi/ 0
196 B 68ms
67ms XHR
text/plain 2606:4700:20::681a:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.ppcshield.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://client.ppcshield.io/login
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type: application/json

Response headers

date: Thu, 14 Sep 2023 19:20:21 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://client.ppcshield.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 806afca03812334f-MIA

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 579ms
142ms XHR
text/plain 52.18.221.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5ed7c7ca8e83fa001500025d&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=501&cE=501&dLE=501&dLS=501&fS=501&hS=-1&rE=-1&rS=-1&reS=502&resS=845&resE=846&uEE=-1&uES=-1&dL=848&dI=1687&dCLES=2073&dCLEE=2076&dC=3766&lES=3766&lEE=3767&s=nt&title=Login%20To%20Your%20PPC%20Shield%20Account.&path=https%3A%2F%2Fclient.ppcshield.io%2Flogin&ref=&sId=8bh132f1&sST=1694719221&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5ed7c7ca8e83fa001500025d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.221.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-221-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 14 Sep 2023 19:20:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10126.IT1kpWjfwRFZCa_KacnP7ridJ0LCDcD9i8RPBl9nWNRJQ7XmZjheAjcleW9pSvsb.MyiPouqcrwBljCbjh6E1F0sndFU%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10126.E8qGFExM9hCgdoAu_Kiu69BKIsS2cVJA3dOnRkzW7h0XZlBz0OOQmzQ2rexKC6GUTj6ezF2E3YyW26pZlxbZjalxJhK_GAsBSPHAFEXjZ0I%2C.w9il6cX6gre0i-hr7...

43 B
79 B

196ms
195ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10126.E8qGFExM9hCgdoAu_Kiu69BKIsS2cVJA3dOnRkzW7h0XZlBz0OOQmzQ2rexKC6GUTj6ezF2E3YyW26pZlxbZjalxJhK_GAsBSPHAFEXjZ0I%2C.w9il6cX6gre0i-hr7azSXNfKvOM%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:20:22 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10126.E8qGFExM9hCgdoAu_Kiu69BKIsS2cVJA3dOnRkzW7h0XZlBz0OOQmzQ2rexKC6GUTj6ezF2E3YyW26pZlxbZjalxJhK_GAsBSPHAFEXjZ0I%2C.w9il6cX6gre0i-hr7azSXNfKvOM%2C
date: Thu, 14 Sep 2023 19:20:22 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 67ms
67ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=439864737329509&ev=Microdata&dl=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rl=&if=false&ts=1694719222305&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20To%20Your%20PPC%20Shield%20Account.%22%2C%22meta%3Adescription%22%3A%22Access%20your%20PPC%20Shield%20dashboard%2C%20monitor%20all%20fraudulent%20clicks%20that%20we%20blocked%20and%20all%20the%20money%20you%27ve%20saved.%20Enjoy%20real-time%20protection%20and%20instant%20savings.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.127&r=stable&ec=1&o=30&fbp=fb.1.1694719220800.2009013147&it=1694719220574&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.ppcshield.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Sep 2023 19:20:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 74946712 Show response
mc.yandex.com/webvisor/ 43 B
145 B 410ms
409ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/74946712?wv-part=1&wmode=0&wv-hit=1046248455&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rn=954618614&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1694719225%3Aw%3A1600x1200%3Av%3A1111%3Az%3A-600%3Ai%3A20230914092025%3Au%3A1694719221116923157%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694719225&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:25 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14-Sep-2023 19:20:25 GMT
content-type: image/gif
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Sep-2023 19:20:25 GMT

POST
H2 200 74946712 Show response
mc.yandex.com/webvisor/ 43 B
73 B 196ms
195ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/74946712?wv-part=1&wmode=0&wv-hit=1046248455&page-url=https%3A%2F%2Fclient.ppcshield.io%2Flogin&rn=70264720&wv-type=3&browser-info=we%3A1%3Aet%3A1694719225%3Aw%3A1600x1200%3Av%3A1111%3Az%3A-600%3Ai%3A20230914092025%3Au%3A1694719221116923157%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694719225&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.ppcshield.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 19:20:25 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14-Sep-2023 19:20:25 GMT
content-type: image/gif
access-control-allow-origin: https://client.ppcshield.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Sep-2023 19:20:25 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
client.ppcshield.io/	1970-01-20 14:46:31	Name: ppcshield_session Value: eyJpdiI6ImVPK3hJRHBqMG9TclJPdEVjbzQrVGc9PSIsInZhbHVlIjoid3QramQyTEVJeGxHYWNRN2syT1JLbzV0d2FzcmRJd1hucU1NVTY5Q3Q3QnhqUVRZeFNCdHVpbUZ5NlorYUZMRG9QZ21mVzhmcTAzNFNnVlVLSzVLUUZnVFgwZ1BkNlBxRzZsbCtLNTJtM1pKb01VMDlTZ3NDTEdIanRsaXA2NzUiLCJtYWMiOiI1M2EyZmRlYzBmMzc4YTVmODhjMTYzMmUyMzI3M2YzZGE5OWQwYmY2YWRhMGU2NmJmNjdlYTA4ZGFjOGEzYmY3In0%3D
.ppcshield.io/	1970-01-20 16:54:55	Name: _gcl_au Value: 1.1.837159794.1694719220
.ppcshield.io/	1970-01-20 23:30:55	Name: _hjSessionUser_2493178 Value: eyJpZCI6IjFmMGI5YWZiLTNiODAtNWZiMC1iZGEyLTQxMWExN2JhOTA5MyIsImNyZWF0ZWQiOjE2OTQ3MTkyMjA1MDUsImV4aXN0aW5nIjpmYWxzZX0=
.ppcshield.io/	1970-01-20 14:45:21	Name: _hjFirstSeen Value: 1
.ppcshield.io/	1970-01-20 14:45:19	Name: _hjIncludedInSessionSample_2493178 Value: 1
.ppcshield.io/	1970-01-20 14:45:21	Name: _hjSession_2493178 Value: eyJpZCI6IjMyYWM1NTVkLTk0OGUtNDljNi1hYWI4LTk4Nzk1ZDkwYjVlZSIsImNyZWF0ZWQiOjE2OTQ3MTkyMjA1MDYsImluU2FtcGxlIjp0cnVlfQ==
.ppcshield.io/	1970-01-20 14:45:21	Name: _hjAbsoluteSessionInProgress Value: 1
.doubleclick.net/	1970-01-20 14:45:20	Name: test_cookie Value: CheckForPermission
.ppcshield.io/	1970-01-21 00:21:19	Name: _ga Value: GA1.2.1099645811.1694719221
.ppcshield.io/	1970-01-20 14:46:45	Name: _gid Value: GA1.2.1953395572.1694719221
.ppcshield.io/	1970-01-20 14:45:19	Name: _gat_UA-74617829-10 Value: 1
client.ppcshield.io/	1970-01-20 14:45:19	Name: outbrain_cid_fetch Value: true
.linkedin.com/	1970-01-20 16:54:55	Name: li_sugr Value: 90b8a67f-5b7b-40c3-966e-3d2e9eaaf604
.linkedin.com/	1970-01-20 23:30:55	Name: bcookie Value: "v=2&d6326202-64ba-483a-8b99-b0e2cbebd7de"
.linkedin.com/	1970-01-20 14:46:45	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2638:u=1:x=1:i=1694719220:t=1694805620:v=2:sig=AQH5gPyokWmXYPfzJxQcOH1YfN1BUpMj"
client.ppcshield.io/	1970-01-20 14:46:45	Name: ln_or Value: eyIzNDg4MDI1IjoiZCJ9
.ppcshield.io/	1970-01-20 16:54:55	Name: _fbp Value: fb.1.1694719220800.2009013147
.ppcshield.io/	1970-01-21 00:21:19	Name: _ga_2ZC8DXKNPC Value: GS1.2.1694719220.1.0.1694719220.60.0.0
.linkedin.com/	1970-01-20 15:28:31	Name: UserMatchHistory Value: AQKOqpEPUKidNQAAAYqVIxxdB2oJVnHVv3D4g0iea05Gf5RGMvv4dSjESCAPK0t7_-qGhFoli1Nx9w
.linkedin.com/	1970-01-20 15:28:31	Name: AnalyticsSyncHistory Value: AQIVpCYXP_P5ZgAAAYqVIxxdK5GhIxhLuJOTJ-U5PLG06yG6bhmwNq_jP7SpQoh2Gn-DzKcjybkB9svMruorcg
.www.linkedin.com/	1970-01-20 23:30:55	Name: bscookie Value: "v=1&2023091419202006c38acf-df55-4330-8b0f-6176b1c0d28fAQFtV16O2R4pW8R9Fyuimeftoacwy1E6"
m.stripe.com/	1970-01-21 00:21:19	Name: m Value: 1db14ed7-66db-4008-918a-f401bcc9cd3dcd3ca2
.client.ppcshield.io/	1970-01-20 23:30:55	Name: __stripe_mid Value: a79c9c78-8e10-491a-9b29-d1293ff9508e16bb57
.client.ppcshield.io/	1970-01-20 14:45:21	Name: __stripe_sid Value: 80ff5931-66eb-4a5c-bae5-84d8c8b91705331310
.postaffiliatepro.com/	1970-01-20 23:31:16	Name: PAPVisitorId Value: jG9im36e7XDqnaql86QxlYqMUMq6ZIov
.ppcshield.io/	1970-01-20 23:30:55	Name: PAPVisitorId Value: jG9im36e7XDqnaql86QxlYqMUMq6ZIov
.client.ppcshield.io/	1970-01-20 23:30:55	Name: PAPVisitorId Value: jG9im36e7XDqnaql86QxlYqMUMq6ZIov
.ppcshield.io/	1970-01-20 23:30:55	Name: _ym_uid Value: 1694719221116923157
.ppcshield.io/	1970-01-20 23:30:55	Name: _ym_d Value: 1694719221
.mc.yandex.com/	1970-01-20 14:45:19	Name: sync_cookie_csrf Value: 544469586fake
.ppcshield.io/	1970-01-20 14:46:31	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 14:45:19	Name: sync_cookie_csrf Value: 3959890844fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1901236751694719221
.yandex.com/	1970-01-21 00:21:19	Name: i Value: ClsMYyTJLt1SPfu3h7sJw97n00SZpN6DGKUzUaPYFpjKjgQfQ0vH+NwGu4we+ydKcpkp725wQnCd74HjH6UQc/bZI5Q=
.yandex.com/	1970-01-21 00:21:19	Name: yandexuid Value: 8371321911694719221
.yandex.com/	1970-01-20 23:30:55	Name: yuidss Value: 8371321911694719221
.yandex.com/	1970-01-20 23:30:55	Name: ymex Value: 1726255221.yrts.1694719221#1726255221.yrtsi.1694719221
.yandex.com/	1970-01-20 23:30:55	Name: bh Value: KgI/MA==
.ppcshield.io/	1970-01-20 14:45:21	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
amplify.outbrain.com
analytics.google.com
apis.google.com
cdn.linkedin.oribi.io
client.ppcshield.io
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
mc.yandex.com
mc.yandex.ru
ppcshield.postaffiliatepro.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
q.stripe.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
script.hotjar.com
snap.licdn.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
vc.hotjar.io
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
13.225.34.93
162.159.153.247
18.64.183.69
184.29.129.105
2600:141b:13::17d7:8252
2600:9000:20aa:e00:2:53b2:240:93a1
2600:9000:2507:8200:19:7d10:bd80:93a1
2606:4700:10::6816:3768
2606:4700:20::681a:ec2
2606:4700::6810:3965
2607:f8b0:4004:c09::9b
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2004
2607:f8b0:4006:81c::2008
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2003
2620:1ec:21::14
2a02:6b8::1:119
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
44.219.60.126
44.236.147.194
52.18.221.102
52.84.18.89
52.85.247.60
54.187.119.242
54.75.154.185
70.42.32.95
91.201.28.212
004b8e51f135d2301a2f4a3095bff25c1e513cfcbfc262b2619044c013ad3fbd
03921922a28716a4a69caeea11598aaca7f50273a65e5bf55b8a7733ffb908d9
03f6f00f9e25eb9b2caae81c0587a97b3bcc6adc8731619e48086fcd483efdc3
0d47a7d63d1cef178c9ae032fcf019f1784284ab28348a3808cb263a29a60ba9
1243a867dd7b0823883fc1f6d37d7acb9a606526266288025df69244763ea4b7
13499aaf026263e1df495859efe16fc7e928d087b1206a593594cc7bee4728a0
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
30696ca1be16f6a0d6c95441f59975bdf9fab0d6bffc14918daa2d99c7be384e
33fdd3e3b40a5265e139b9c4a14d68385c0f194b0494c38931d9da880c5fec31
34f93f885cee5d4d2504e34a0abc4b56c2c28f7d8a28f010c3af834efb0778b1
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
385bfbd14a3b04715b2f961092fd3b1a5306f97de8da8b96388729294c859846
389c01e1674f42c9799e5f5ed392e7a34009a30f94ce4c52f3a6f94a2a37fd1d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
506c55d35e5c54fc631c6557fe3c0907621cdc814f7a4d3fe842261c7a2e0de7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f61747679ff2170e7d32959a679a179e59d0d2872a17e2eabe5124c8fb4e97
5cac1c6495f64814ce02267e009f82914ecb2ee671e49a2d6ff7f7cd1d0eb174
5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61a370ef1e85081932323b6b07009f20b0db76ef19484b2bb20a14e14235c85f
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
798a37ca9975da4cbda197e29f35821626777886259249533f2cc30d6830fdda
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d4229dba63d704baf25978036e4e1b39fd2345b663821f7cf6a10b8370e18b0
8147ca41a5022280c5426591a55630bc602530f4b3e5a2a89e0e1ba28649c231
8e2f49cd3c80140bc96656cfbd9c08a2c0254db3d3e974551b8e862cf27f5a80
92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9a034f7335148b1792f2387e4a04959ee1231dc4961446aa611dfb6952d01fc9
a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1
a746d5b37c53e3fef07b43c0298eca710e7c5ce740d55e07abd31e4aa82fe285
ab59f06fdbca03e764113929de79c5c4a5652444866bd3e66bab361c62a662be
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b19126f23c8e043307853da272499605cd6faa60b72d59df051700f6684d6290
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
bdf14ca9e94c36438a1ab2bfddcb3261407a34540396bd4f3f6dac8d9d7c28a3
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6532713adce1f41c54a9c16d67acb3b567f9b660a422dd81a2e9c562006c86
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

client.ppcshield.io Open in urlscan Pro 2606:4700:20::681a:ec2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

94 %HTTPS

58 %IPv6

23 Domains

37 Subdomains

32 IPs

6 Countries

1903 kBTransfer

6009 kBSize

39 Cookies

1 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

client.ppcshield.io Open in urlscan Pro
2606:4700:20::681a:ec2 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

94 %
HTTPS

58 %
IPv6

23
Domains

37
Subdomains

32
IPs

6
Countries

1903 kB
Transfer

6009 kB
Size

39
Cookies

66 HTTP transactions
0 data transactions